Mailing List CGatePro@mail.stalker.com Message #106091
From: <rwebb@ropeguru.com>
Subject: Re: Spamhaus DROP. Re: SIP attacks
Date: Sun, 12 Jun 2016 09:36:46 -0400
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>, Technical Support, Stalker Labs <support@stalker.com>
X-Mailer: CommuniGate Pronto! HTML5 6.1.8.2901

I think the biggest takeaway lesson from this is

1) If you are not using certain features, turn them off

2) Put some sort of firewall in place between your server and the world to control ports if you are too lazy to turn off those unused features.

 

Robert

 

On Sun, 12 Jun 2016 14:09:43 +0300

"Technical Support, Stalker Labs" <support@stalker.com> wrote:

Hello,

On 09.06.2016 11:39, Gib Henry wrote:

You might consider using the Spamhaus DROP and EDROP lists

<https://www.spamhaus.org/drop/>. They eliminate a great deal of spam

and probably a lot of those SIP fishing expeditions.

 

I think it should be a good idea to add these lists to CommuniGate's "Denied IP Addresses" and update them regularly; so I wrote a script to automate that, see "spamhaus_drop.sppr" in <http://www.communigate.com/ScriptRepository/>

 

 

> Because I turned

SIP off before I discovered the lists, I can’t say for sure that they

were responsible for the drop in SIP, but they certainly did reduce the

clutter of other incoming attempts. Cheers,

--

Gib Henry

 

 

On 6/9/16 5:42 AM, Shaun Gamble wrote:

I am sick of the huge number of attempted connections, via SIP, to all

of our supposed numbers in the server. I do not use the PABX functions

nor do we use SIP in the standard sense of the word (SIP clients

chatting to each other).

 

What are the ramifications of disabling the listening ports for SIP on

my CGP server?

 

CGP 6.1.9

Windows 2012 (64bit)

 

We do have Apple devices and I notice the server sends SIP packets to

these devices for things like reminders (I presume).

--

Best regards,

Roman Prokhorov

=======================================================================

When answering to letters sent to you by the tech.support staff, make

sure the original message you have received is included into your reply.

 

#############################################################

This message is sent to you because you are subscribed to

the mailing list <CGatePro@mail.stalker.com>.

To unsubscribe, E-mail to: <CGatePro-off@mail.stalker.com>

To switch to the DIGEST mode, E-mail to <CGatePro-digest@mail.stalker.com>

To switch to the INDEX mode, E-mail to <CGatePro-index@mail.stalker.com>

Send administrative queries to <CGatePro-request@mail.stalker.com>

 

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster