"I woke up Saturday morning to find strangely high network
activity on some of our inbound connections. After a quick review,
it turned out that most of the traffic was going into several of
our hosted PBX systems. After a little more digging, I discovered
that several systems on the Amazon EC2 network were preforming
brute force attacks, against our VoIP servers. They were attempting
to guess user names and passwords for our SIP clients. I
immediately blocked all traffic from the attacking IPs and examined
the logs. Thankfully, I found that non of the attacks had succeeded
in guessing passwords.
"Confident that the immediate threat was dealt with, I shot off
a complaint to email@example.com listing the IP addresses and
some log snapshots for validation. I fully expected to see the
attack traffic disappear from our edge as soon as Amazon got the
report. Boy, was I wrong..."
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.