Bandwidth having issues
-
@dashrender said in Bandwidth having issues:
@jaredbusch said in Bandwidth having issues:
@dashrender said in Bandwidth having issues:
I was wondering if it was going to come back today.
I assume the attackers are smart enough not to waste resources attacking when the U.S. is not using the phone.
that didn't stop them from running the attack agains VOIP.ms all night... or at least most of it...
And short of using the botnet to attack someone else during the US night, it's no skin off the hacker's teeth to keep it going all the time.
Because, I assume, voip.ms was a proof of concept on low hanging, insecure fruit that took minimal effort. An attack on Bandwidth and Verizon is likely thousands of times more intense.
-
@scottalanmiller said in Bandwidth having issues:
@dashrender said in Bandwidth having issues:
@jaredbusch said in Bandwidth having issues:
@dashrender said in Bandwidth having issues:
I was wondering if it was going to come back today.
I assume the attackers are smart enough not to waste resources attacking when the U.S. is not using the phone.
that didn't stop them from running the attack agains VOIP.ms all night... or at least most of it...
And short of using the botnet to attack someone else during the US night, it's no skin off the hacker's teeth to keep it going all the time.
Because, I assume, voip.ms was a proof of concept on low hanging, insecure fruit that took minimal effort. An attack on Bandwidth and Verizon is likely thousands of times more intense.
what other side effects would we expect to see from an attack like that?
-
The rumors we are hearing is that these attacks are state-sponsored sized, and the attackers are torching everything well before it even gets to the target network (Verizon, Bandwidth, etc). This is not an ordinary attack, and everyone's spooked.
-
@dashrender I've had issues with RFC2833 and had to change some systems with IVR front ends to inband signaling.
-
@jaredbusch I've got my PBX's pretty well locked down by using FQDN, but now all this is making me think ... do I need to add the DDoS feature set on all my Vultr instances? What's everyone else do?
-
@dashrender said in Bandwidth having issues:
@scottalanmiller said in Bandwidth having issues:
@dashrender said in Bandwidth having issues:
@jaredbusch said in Bandwidth having issues:
@dashrender said in Bandwidth having issues:
I was wondering if it was going to come back today.
I assume the attackers are smart enough not to waste resources attacking when the U.S. is not using the phone.
that didn't stop them from running the attack agains VOIP.ms all night... or at least most of it...
And short of using the botnet to attack someone else during the US night, it's no skin off the hacker's teeth to keep it going all the time.
Because, I assume, voip.ms was a proof of concept on low hanging, insecure fruit that took minimal effort. An attack on Bandwidth and Verizon is likely thousands of times more intense.
what other side effects would we expect to see from an attack like that?
not much, the telephony infrastructure is so small and fragile compared to the Internet.
-
@krzykat said in Bandwidth having issues:
@jaredbusch I've got my PBX's pretty well locked down by using FQDN, but now all this is making me think ... do I need to add the DDoS feature set on all my Vultr instances? What's everyone else do?
No, why? WE are not targets. If someone decided to DDOS by a state, you are screwed. Period. Nothing is going to stop that at any of our scales.
-
Also, no state would ever do that, because it's ridiculous. That's almost equivalent to a foreign government hiring assassins to go to your house and take you out. Unless you are someone insanely important, that is never going to happen. Too expensive, too much risk, no payback.
Even at a state level, attacks are always an economic game.
-
@scottalanmiller I was thinking more of do they try to take down Vultr
-
@scottalanmiller Isn't that still something close to that that VoiP.MS experienced? and granted they didn't have CLoudflare setup on their main site ahead of this.
-
@krzykat said in Bandwidth having issues:
@scottalanmiller I was thinking more of do they try to take down Vultr
Then just move to another provider. Just have backups.
Hard to imagine Vultr being a target, but plausible.
-
@dbeato said in Bandwidth having issues:
@scottalanmiller Isn't that still something close to that that VoiP.MS experienced? and granted they didn't have CLoudflare setup on their main site ahead of this.
No, the degree of lazy and incompetent at voip.ms is pretty extreme. Not even the level of DDoS protection any mom and pop shop should have with minimal competence. Like there is not being good, and there is not even trying. And voip.ms fell into not trying at all category, it sounds like.
-
@dbeato said in Bandwidth having issues:
@scottalanmiller Isn't that still something close to that that VoiP.MS experienced? and granted they didn't have CLoudflare setup on their main site ahead of this.
voip.ms is a telephone backend provider, not a small non-networking firm like all of us. None of us are targets or at that kind of networking scale, in any way. None of us can be attacked in a DDoS to take out our customers. voip.ms represented the physical infrastructure of tens of thousands of customers, and didn't even do the basics, as I understand it.
-
@scottalanmiller I agree and upon reflection, using Vultr DDoS wouldn't work if they were attacked anyhow. Certainly it would be higher up the food chain. I have backups of everything and would have it up very quick somewhere else. I've actually been working on my Kazoo setup and can use it as failover.