nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: VoIP Provider DDoSes

From: Mike Hammett <nanog () ics-il net>
Date: Tue, 21 Sep 2021 21:19:05 -0500 (CDT)
Well, I suppose it depends on the type of DDoS. 


Some of their sites are hosted with large outfits like Softlayer and Hivelocity. Yeah, some others are a lot smaller. 




----- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

Midwest-IX 
http://www.midwest-ix.com 

----- Original Message -----

From: "Eric Kuhnke" <eric.kuhnke () gmail com> 
To: "Mike Hammett" <nanog () ics-il net> 
Cc: "NANOG" <nanog () nanog org> 
Sent: Tuesday, September 21, 2021 6:09:07 PM 
Subject: Re: VoIP Provider DDoSes 


Unlike http based services which can be placed behind cloudflare or similar, harder to protect sip trunking servers. 


The provider in question makes use of third party hosting services for each of their cities' POPs. It is my 
understanding that for the most part they do not run their own infrastructure but either rent dedicated servers or a 
few rack units of Colo in each city. 


I question whether some or any of those hosting companies have sufficient inbound (200-400Gbps) capacity to weather a 
moderately sized DDoS. 






On Tue, Sep 21, 2021, 5:30 PM Mike Hammett < nanog () ics-il net > wrote: 




As many may know, a particular VoIP supplier is suffering a DDoS. https://twitter.com/voipms 


Are your garden variety DDoS mitigation platforms or services equipped to handle DDoSes of VoIP services? What nuances 
does one have to be cognizant of? A WAF doesn't mean much to SIP, IAX2, RTP, etc. 




----- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

Midwest-IX 
http://www.midwest-ix.com
Previous By Date Next
Previous By Thread Next

Current thread: