Mailing List CGatePro@mail.stalker.com Message #106092
From: James Roman <james.roman@ssaihq.com>
Subject: Re: Spamhaus DROP. Re: SIP attacks
Date: Mon, 13 Jun 2016 10:52:31 -0400
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>
X-Mailer: Apple Mail (2.3124)
That is a fine strategic objective, however the complexities of developing a comprehensive security plan for a server that supports as many protocols and is used to facilitate communications between a broad and sometimes differing audiences for each of those services normally requires a bit more consideration than the binary "turn it off if you’re not using it” decisions. Many of the questions fielded by this list are submitted by individuals who may have never had to protect such a robust system. Securing CommuniGate presents some unique challenges compared to any other communications platform I have ever supported, primarily because the application is so robust that I am not encouraged by resource needs or license structure to spread the services among multiple servers, which might allow me to more easily focus the security plan to just one or two services at a time. 

When you do decide to offer one of the many CommuniGate services to your users, you are often challenged with a decision about where to enforce the security for that service. What is nice about this solution is that it nicely provides a way to add a layer of protection across all the services offered by CommuniGate, which may be easier to implement when you have an environment with multiple firewalls.  

On Jun 13, 2016, at 7:00 AM, CommuniGate Pro Discussions <CGatePro@mail.stalker.com> wrote:

Subject: Re: Spamhaus DROP. Re: SIP attacks
Date: June 12, 2016 at 9:36:46 AM EDT


I think the biggest takeaway lesson from this is

1) If you are not using certain features, turn them off

2) Put some sort of firewall in place between your server and the world to control ports if you are too lazy to turn off those unused features.

 

Robert

 

On Sun, 12 Jun 2016 14:09:43 +0300

"Technical Support, Stalker Labs" <support@stalker.com> wrote:

Hello,

On 09.06.2016 11:39, Gib Henry wrote:

You might consider using the Spamhaus DROP and EDROP lists

<https://www.spamhaus.org/drop/>. They eliminate a great deal of spam

and probably a lot of those SIP fishing expeditions.

 

I think it should be a good idea to add these lists to CommuniGate's "Denied IP Addresses" and update them regularly; so I wrote a script to automate that, see "spamhaus_drop.sppr" in <http://www.communigate.com/ScriptRepository/>



Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster