<p>What is ACL exactly? Is it implemented via iptables?</p>
<p>I know it means access control list but is it about blocking or actually allowing?</p>
<p>As for Canadian we are all treated equally and have caps for cable and adsl (also that seems to change recently)</p>
<p>What is a colo&#39;d machine?</p>
<div class="gmail_quote">On Feb 14, 2012 11:45 AM, &quot;Michael Giagnocavo&quot; &lt;<a href="mailto:mgg@giagnocavo.net">mgg@giagnocavo.net</a>&gt; wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div lang="EN-US" link="blue" vlink="purple"><div><p class="MsoNormal"><a name="1357cc0cfddd5c71__MailEndCompose"><span style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">ACL’ing like folks have suggested should help. But the problem is these attacks don’t always stop just because you’ve stopped responding. I’ve seen multi-day sustained scans at 30Mbps, </span></a><span style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">but I’m sure they go much higher.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d"><u></u> <u></u></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">As folks have suggested, run SIP on another port to avoid detection, and only open your firewall on 5060 for absolute necessities.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d"><u></u> <u></u></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">I was under the impression that Canadian bandwidth limits were more for DSL and the like. If you get a colo’d machine or something, you should not have problems with caps, right?<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d"><u></u> <u></u></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d">-Michael<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:&quot;Calibri&quot;,&quot;sans-serif&quot;;color:#1f497d"><u></u> <u></u></span></p><p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"> <a href="mailto:freeswitch-users-bounces@lists.freeswitch.org" target="_blank">freeswitch-users-bounces@lists.freeswitch.org</a> [mailto:<a href="mailto:freeswitch-users-bounces@lists.freeswitch.org" target="_blank">freeswitch-users-bounces@lists.freeswitch.org</a>] <b>On Behalf Of </b>Philippe Le Toquin<br>
<b>Sent:</b> Tuesday, February 07, 2012 7:42 AM<br><b>To:</b> <a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br><b>Subject:</b> [Freeswitch-users] needs some advice to secure my system<u></u><u></u></span></p>
<p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Hello,<br><br>Sorry to ask like that but could someone points me to some site that explains exactly what I need to open towards the internet so that<br>my FS server is working while limiting its visibility?<br>
<br>since 1st of February I have an IP that continually sends me SIP Register request at a rate of 70KB/s. I have complained to my internet<br>provider but they refuse to help saying that the problem is on my side. I also logged a complain to the provider on that IP and am waiting on that.<br>
<br>At the moment on my firewall I opened port 5060 and 5080 (well now I blocked as well that IP) but I want to know if both are really needed or if I could block one of them<br> or may be limit the port to some IP. <br><br>
Any help/links will be gladly received <br><br>thanks<br><br>/Philippe<u></u><u></u></p></div></div><br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div>