today found two IP address 82.79.32.186 and 143.107.30.32 use UDP port 5060 to hack my asterisk server, I block these two IP by firewall router, although these traffic cannot pass to asterisk server, but it still comsump my Internet link bandwidth around 1M bit, since it is UDP port, no need to sent acknowledge packet. Any suggest to solve?
What I experienced was that the hackers just attempted to invade my * Server with only 2 to 4 attacks in every trial, which lasted for only 1 to 2 minutes atmost. It did not cause any burden on my router and bandwidth in such a short and limited time period.
If they invade consistently and continuously for a considerable period of time, I think it will cause the so-called DoS or DDos which might further trigger the system down. In fact, we cannot do anything, at least at my infantry level of knowledge, to stop that. I suggest you to switchoff the * Server or Router for 10 minutes, it may let them go away for other targets.
I'm not the expert in this area, the above is just my two cents.
發表於 2010-12-1 13:33
| 