dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
11
share rss forum feed

bigpapae35

join:2002-10-25
united state
kudos:1
Reviews:
·Callcentric
reply to DennisD

Re: CallCentric tech issues today?

is there is a way for companies to stop ddns attacks?

im sure the hackers will eventually get wind of the new sip server address next week and it will happen again.

Is there no other way to deflect it, like making the address not pingable?


hawk82

join:2001-04-26
centralmaine
Reviews:
·Time Warner Cable
said by bigpapae35:

is there is a way for companies to stop ddns attacks?

Getting all internet users to better protect their computers is a good start, followed by sysadmins...

gweidenh

join:2002-05-18
Houston, TX
kudos:3
reply to bigpapae35
Services like cloudflare.com exist to protect companies from DDOS attacks.

In many cases, spinning up a bunch of cloud servers to take the brunt of the attack is the best defense. Although, the attackers are always coming up with ways to be more aggressive.

With Anveo and now Callcentric being hit in the past few weeks, I hope we are not seeing a new trend begin to form.


Arne Bolen
Happy Anveo customer
Premium
join:2009-06-21
Cyberspace
kudos:4
Reviews:
·Anveo
·voip.ms
reply to bigpapae35
said by bigpapae35:

is there is a way for companies to stop ddns attacks?

DDoS attacks are easy to execute due to the many millions of poorly protected computers running Windows.

The only way to make it more difficult to launch DDoS attacks would be to disconnect all Windows computers from the net, and that's not going to happen.
--
My VoIP News

PX Eliezer70
Premium
join:2008-08-09
Hutt River
kudos:13
Reviews:
·callwithus
·voip.ms

1 edit
reply to gweidenh

CallCentric DDoS attack

said by gweidenh:

With Anveo and now Callcentric being hit in the past few weeks, I hope we are not seeing a new trend begin to form.

This has already been posted, but it bears fuller posting on this page:

DDoS attacks reach new level of sophistication

Prolexic Technologies warned of an escalating threat from unusually large and highly sophisticated DDoS attacks.

The DDoS attacks have been launched in the last week using the so-called itsoknoproblembro DDoS toolkit. The malicious actor(s) behind the attacks have used this potent tool in conjunction with sophisticated attack methods that clearly demonstrate knowledge of common DDoS mitigation methods.

The attack signatures are extremely complex and Prolexic has recorded sustained floods peaking at 70 Gbps and more than 30 million pps against some of its customers. Most mitigation providers would struggle to combat DDoS attacks with these characteristics....

»www.net-security.org/secworld.php?id=13704

As was said, Anveo was recently hit by an attack, now CallCentric.

Both are companies that know what they are doing and that keep on top of their networks. So [anyone] could be next.

Here is an article from LAST October:

Massive DDoS attacks a growing threat to VoIP services

When the massive distributed denial-of-service (DDoS) attack in March brought down the voice-over-IP (VoIP) call processing supplied by TelePacific Communications to thousands of its customers, it marked a turning point for the local-exchange services provider in its thinking about security.

The massive DDoS attack came blasting in from the Internet in the form of a flood of invalid VoIP registration requests. The attack resulted in widespread service disruptions for a number of days in late March and cost the company hundreds of thousands of dollars in customer credits....

....Much of the DDoS attack streams did appear to be originating from China. But even if a botnet based on compromised Chinese computers was the source of the attack, that does not necessarily mean that someone in China is the culprit originating it, though that is a possibility....

»www.networkworld.com/news/2011/1···553.html

This is the age of Stuxnet, Flame, and Gauss. And no, that is NOT a law firm.

Some of these attacks can involve being hit by thousands of zombie/botnet machines at once. As the intensity of attacks increases, defenses will have to as well.

This is from a while back, a video representation of an attack.
»spacecollective.org/bp1320/6708/···S-attack

-----------------------------------------

The POTS/PSTN networks may not be quite as prone to this exact type of attack, but they will be targeted sooner or later too.

All the more reason to use providers like CC who keep on top of things....



Arne Bolen
Happy Anveo customer
Premium
join:2009-06-21
Cyberspace
kudos:4
Reviews:
·Anveo
·voip.ms

Re: CallCentric tech issues today?

said by PX Eliezer70:

All the more reason to use providers like CC who keep on top of things....

Those who are considering starting a small voip provider business should probably think again...
--
My VoIP News


DanWI

@epic.com
reply to bigpapae35
Where did you get the new sip server address... their tweet says they have instructions when you login, but I don't see them anywhere..


scott2020

join:2008-07-20
MO
It's gone now. It was in my customer portal.
Oops, maybe it didn't work.


DanWI

@epic.com
Seeing as my server still can't register.. I'm guessing it didn't work... man who did they piss off enough to launch this DDoS attack like this..


Sly
Premium
join:2004-02-20
Chuckey, TN
kudos:1
reply to DanWI
If you logon it will be on your dashboard page.

[edit] never mind... they took it down. Maybe they are working on something else.


royrogers

@rr.com
I think once your device successfully connects to the server, the message no longer appears for you.

I suspect that is the case, at least, as the new address is still working for me.

Some people were experiencing connects/disconnects, so maybe they never got to see the message with the addresses.

Also, CC said not everyone was experiencing the problem, so maybe they think they displayed the information for everyone that was having the issue, but missed a few?

Just guessing.


Richie

join:1999-08-26
Tinley Park, IL
My device never successfully connected and I still haven't seen the message on what to change.


quantux84

@rr.com
reply to royrogers
I changed my domain and outbound proxy per the 5 minutes quickfix CallCentric posted on my dashboard... It connects successfully now and doesn't drop registration like it has been doing since 8pm last night (Eastern) However no outbound calls,.. only inbound


quantux84

@rr.com
reply to Richie
the change was from callcentric.com to sip.callcentric.com for sip server and outbound proxy

nonymous
Premium
join:2003-09-08
Glendale, AZ
reply to quantux84
said by quantux84 :

I changed my domain and outbound proxy per the 5 minutes quickfix CallCentric posted on my dashboard... It connects successfully now and doesn't drop registration like it has been doing since 8pm last night (Eastern) However no outbound calls,.. only inbound

I have an OBI and not all settings needed to be the new ones. USER agent domain is still callcentric.com when I had it set to the new one I had no outbound error 500 . Inbound was and is fine. Reverting that to callcentric.com worked for me. YMMV


quantux84

@rr.com
Yes you are correct.. I reverted to the following, (using 3cx)
sip server (domain) = callcentric.com
outbound proxy = sip.callcentric.com

Inbound + Outbound good !!! Wonder if i should leave like this now?


Mike Wolf

join:2009-05-24
Beachwood, NJ
kudos:4

1 recommendation

reply to Arne Bolen
said by Arne Bolen:

said by bigpapae35:

is there is a way for companies to stop ddns attacks?

DDoS attacks are easy to execute due to the many millions of poorly protected computers running Windows.

The only way to make it more difficult to launch DDoS attacks would be to disconnect all Windows computers from the net, and that's not going to happen.

oh come on now don't start with the Windows bashing, You're better then that.
--
I'm always up for a good chat and helping with VoIP testing so my contact info is below.
Gigaset.net: Michael Wolf
Callcentric: 17772288600
SIP URI: sip:226976325024#9@sip.gigaset.net and sip:17772288600@in.callcentric.com
Skype: MikeWolf051


wcweaver
Premium
join:2002-02-22
Fort Myers, FL
Reviews:
·Comcast

2 edits
Hi Mike

Not Windows bashing but Microsoft is not noted for their excellent security. And there are undoubtedly millions of windows computers that are running unprotected because all the owners don't care about anything except how to turn them on and it boots up. Most don't even know about viruses or Trojans or real firewalls. I know a lot of seniors that are still running Windows 98 and XP because they don't want to learn something new.

Microsoft, in all has done a pretty poor job in the security area. I use dual boot Windows 7 and Ubuntu which seems to be pretty bullet proof.

They just send their e-mails.

Not bashing anyone, but just stating facts as I see them FWIW.

Bill


Mike Wolf

join:2009-05-24
Beachwood, NJ
kudos:4

1 recommendation

That was to Arne.
Anyway, later versions of Windows really seem more solid and secure right out of the box and your right there are plenty of users with older versions of Windows such as XP and 2000 that don't know the first thing about common sense and not clicking everything in sight and computer safety. Regarding the seniors, a co worker of mine brought up the observation that they won't be a long term problem and that future generations of seniors will be more tech savvy.
--
I'm always up for a good chat and helping with VoIP testing so my contact info is below.
Gigaset.net: Michael Wolf
Callcentric: 17772288600
SIP URI: sip:226976325024#9@sip.gigaset.net and sip:17772288600@in.callcentric.com
Skype: MikeWolf051

rblizz

join:2001-12-16
North Richland Hills, TX
reply to wcweaver
said by wcweaver:

Not Windows bashing but Microsoft is not noted for their excellent security.

Agreed. What really bothers me is when an older person (my godmother, for example) has her computer set to update whenever an update is available, has the firewall turned on, and pays for anti-virus and still gets infected or the Registry gets corrupted. Then the insinuation is always, "Seniors can't handle Windows maintenance." I don't like blaming the users for Windows shortcomings.

I live 500 miles from my Dad so I have to support him remotely. He had several issues with Windows -- Registry corruption and malware. I finally sent him a Linux Mint computer (Ubuntu derivative) -- no problems for two years.

I wouldn't go back to Windows for anything.

Meanwhile, still having issues with CallCentric. I see that they aren't out of the woods yet. Not their fault, I understand, but it is becoming more than a nuisance.

PX Eliezer70
Premium
join:2008-08-09
Hutt River
kudos:13
Reviews:
·callwithus
·voip.ms
Latest Twitter posts:

We're still in the process of auditing code and are trying our best to fix quality as best we can. More info as it becomes available. [That just posted within the last hour].

We will be working over the next couple of days to optimize the new code and to attempt to reduce load as much as we can. Until then customers may continue to experience problems with audio quality and stability.

We are preparing a report to file to the FBI and purchasing new equipment to help relieve the load caused by the extra defenses put in place.



wcweaver
Premium
join:2002-02-22
Fort Myers, FL
Reviews:
·Comcast
reply to Mike Wolf
said by Mike Wolf:

That was to Arne.
Anyway, later versions of Windows really seem more solid and secure right out of the box and your right there are plenty of users with older versions of Windows such as XP and 2000 that don't know the first thing about common sense and not clicking everything in sight and computer safety. Regarding the seniors, a co worker of mine brought up the observation that they won't be a long term problem and that future generations of seniors will be more tech savvy.

Are posts being delayed (moderator reviewed) before showing up as I made a post and it is not there yet? It also happened when I made the post about your comments to Arne, it did not show up for quite a while.


Arne Bolen
Happy Anveo customer
Premium
join:2009-06-21
Cyberspace
kudos:4
Reviews:
·Anveo
·voip.ms

2 edits
said by wcweaver:

Are posts being delayed (moderator reviewed) before showing up as I made a post and it is not there yet? It also happened when I made the post about your comments to Arne, it did not show up for quite a while.

After the DSLR power outage something is wrong so the last one or more posts are not showing up on the page.

However, there is a workaround which I use.

Look at the end of the address line. You see something like this:
r27591360-CallCentric-tech-issues-today-~start=420

Now increase the "start=" value with at least one, I usually add 5, so your address line ends:

r27591360-CallCentric-tech-issues-today-~start=425

Now you will see the missing posts on a page.

The "start=" value can be different from this example. The important thing is to increase it with at least one.
--
My VoIP News


Arne Bolen
Happy Anveo customer
Premium
join:2009-06-21
Cyberspace
kudos:4
Reviews:
·Anveo
·voip.ms

2 recommendations

reply to Mike Wolf
said by Mike Wolf:

oh come on now don't start with the Windows bashing, You're better then that.

It's not Windows bashing, it's a fact.

The criminals behind a DDoS attack needs lots of computers and they don't want to purchase and use their own computers. So they take control over Windows computers as Windows is the easiest OS to infect.

There are millions of Mac or Linux computers out there without any antivirus software, but the criminals always choose Windows computers.

Because it's too difficult to get permission from Mac/Linux users to abuse their computers. They don't need to ask owners of Windows computers for permission.
--
My VoIP News


VexorgTR

join:2012-08-27
Sheffield Lake, OH
kudos:1
Reviews:
·voip.ms

1 recommendation

said by Arne Bolen:

The criminals behind a DDoS attack needs lots of computers and they don't want to purchase and use their own computers. So they take control over Windows computers as Windows is the easiest OS to infect.

Playing devil's advocate.... Windows 7 security is much better. Earlier XP machines are an easier target, and they're plentiful. I don't think it's that they couldn't hit Mac or Linux, but if you want to hit the MASS market, it's old school Microsoft.

rblizz

join:2001-12-16
North Richland Hills, TX
said by VexorgTR:

Playing devil's advocate.... Windows 7 security is much better. Earlier XP machines are an easier target, and they're plentiful. I don't think it's that they couldn't hit Mac or Linux, but if you want to hit the MASS market, it's old school Microsoft.

Linux design and multiple distributions make it much harder to hit Linux. So they take what's easy.


Davesnothere
No-BHELL-ity DOES have its Advantages
Premium
join:2009-06-15
START Today!
kudos:7

4 edits
reply to Arne Bolen
said by Arne Bolen:

said by wcweaver:

Are posts being delayed (moderator reviewed) before showing up as I made a post and it is not there yet? It also happened when I made the post about your comments to Arne, it did not show up for quite a while.

After the DSLR power outage something is wrong so the last one or more posts are not showing up on the page.

However, there is a workaround which I use.

Look at the end of the address line. You see something like this:
r27591360-CallCentric-tech-issues-today-~start=420

Now increase the "start=" value with at least one, I usually add 5, so your address line ends:

r27591360-CallCentric-tech-issues-today-~start=425

Now you will see the missing posts on a page.

The "start=" value can be different from this example. The important thing is to increase it with at least one.

 
Arne, I agree with your workaround, but I'm not sure that the outage was the reason.

It seems that the longer that a DSLR thread becomes, the more likely it is that this 'Page Birthing' anomaly will happen to it.

DSLR forum threads seem to allocate 20 posts per page, regardless of the length of the posts themselves - so if your add 20, the new still hidden page should start to display where the current page left off - always has for ME.

Typically, each new page in an affected thread will appear anyway with the 3rd or 4th new post to it.

We first encountered it in CANCHAT forum in a thread called »IGNORE this thread , which was OK at first, but has been misbehaving for more than half of its now 111 pages.

Also in Canadian BroadBang forum, a thread called »Start Communications - new TPIA Rogers/Cogeco has been doing this for some time now.


Davesnothere
No-BHELL-ity DOES have its Advantages
Premium
join:2009-06-15
START Today!
kudos:7
reply to rblizz
said by rblizz:

said by VexorgTR:

Playing devil's advocate.... Windows 7 security is much better. Earlier XP machines are an easier target, and they're plentiful. I don't think it's that they couldn't hit Mac or Linux, but if you want to hit the MASS market, it's old school Microsoft.

Linux design and multiple distributions make it much harder to hit Linux.

So they take what's easy.

 
The proverbial 'low-hanging fruit', as it were.

bigjoesmith

join:2000-11-21
Peoria, IL

1 recommendation

reply to Arne Bolen
said by Arne Bolen:

said by Mike Wolf:

oh come on now don't start with the Windows bashing, You're better then that.

It's not Windows bashing, it's a fact.

Ok, this is off topic, but I would suggest that the relative security of Windows is much less cut and dried than the common perception that Windows is Swiss Cheese. Microsoft has invested more time and money in security than any of the other majors. Their security response center is light years ahead of most of the other majors: Oracle, Adobe, and Apple are miles behind and much slower in patching. All software has bugs; a decent response center is a necessary resource for security. Microsoft has in the last few years been at the forefront of many new security technologies and its software under the watchful eye of security researchers more than other system. For example, OpenBSD was first non-research OS to implement ASLR, various Linux kernel builds were next (with the early ones being rather weak), but Microsoft was not too far behind with a reasonably complete ASLR in Vista and continual improvements since then. This was ahead of Mac OSX, which didn't get full ASLR until Lion and Mountain Lion for the kernel.

I would suggest that the results of the Pwn2Own contest, where people earn prizes for exploits, is probably a better test than statements about the number of exploits, where Window's market share (and large numbers of older versions of Windows) makes it a much more logical target. If you look at the results of the Pwn2Own annual contest Windows does quite well. Linux probably survives the best over the years, but OSX is certainly not ahead of Windows over the years. In fact, Windows itself is never targeted in these attacks anymore (too difficult), and it's much more common to exploit 3rd party software, browsers in particular, and browser plugins (cough flash cough java). Of the browsers, Safari has been exploited every year except this year. This year was the first that either IE9 and Chrome were exploited.


Trimline
Premium
join:2004-10-24
Windermere, FL

1 recommendation

For everyone reading this post and the threads, kindly stay focused on the outage we are all enduring. I'm not interested in reading which OS is better (there are better places to discuss this), I'm interested in resolve.