[EXTERNAL] VoIP Provider DDoSes

Mike Hammett nanog at ics-il.net
Tue Sep 21 22:39:18 UTC 2021 

*nods* We have a Metaswitch SBC. 


So as long as the pipe isn't full, an SBC is the buffer one needs? If the pipe is filled, pump it through {insert DDoS mitigation service here}? 







----- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

Midwest-IX 
http://www.midwest-ix.com 

----- Original Message -----

From: "Rich A Compton" <Rich.Compton at charter.com> 
To: "Mike Hammett" <nanog at ics-il.net>, "NANOG" <nanog at nanog.org> 
Sent: Tuesday, September 21, 2021 4:59:06 PM 
Subject: Re: [EXTERNAL] VoIP Provider DDoSes 



Most of the larger DDoS mitigation appliances can block malformed SIP traffic and also can block volumetric/state exhaustion UDP floods. A lot of VoIP companies have Session Border Controllers (SBCs) to protect public facing VoIP services. SBCs are more application aware. Kind of like a proxy based firewall just for VoIP. 

-Rich 


From: NANOG <nanog-bounces+rich.compton=charter.com at nanog.org> on behalf of Mike Hammett <nanog at ics-il.net> 
Date: Tuesday, September 21, 2021 at 3:31 PM 
To: NANOG list <nanog at nanog.org> 
Subject: [EXTERNAL] VoIP Provider DDoSes 



CAUTION: The e-mail below is from an external source. Please exercise caution before opening attachments, clicking links, or following guidance. 

As many may know, a particular VoIP supplier is suffering a DDoS. https://twitter.com/voipms 



Are your garden variety DDoS mitigation platforms or services equipped to handle DDoSes of VoIP services? What nuances does one have to be cognizant of? A WAF doesn't mean much to SIP, IAX2, RTP, etc. 





----- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

Midwest-IX 
http://www.midwest-ix.com The contents of this e-mail message and 
any attachments are intended solely for the 
addressee(s) and may contain confidential 
and/or legally privileged information. If you 
are not the intended recipient of this message 
or if this message has been addressed to you 
in error, please immediately alert the sender 
by reply e-mail and then delete this message 
and any attachments. If you are not the 
intended recipient, you are notified that 
any use, dissemination, distribution, copying, 
or storage of this message or any attachment 
is strictly prohibited. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20210921/5ff7a1a1/attachment.html>

More information about the NANOG mailing list