Long term user - now being attacked

wayne106 · Post by **wayne106** » Tue May 21, 2024 1:57 am

1. Brekeke Product Name and Version:
3.0.6.3 Advanced

2. Java version:
1.7.0_05

3. OS type and the version:
Centos 6

4. UA (phone), gateway or other hardware/software involved:
Various, used as SIP registrar for 500 endpoints

5. Your problem:
Been using BSS for a very long time over 16 years. Recently started to get attacked with brute force attempts. Usually lowish levels, EG 4mbps to 9mbps. BSS goes to 100% CPU then stops responding even after attack has stopped. I have tried blocking the attacks at firewall level, but its not quick enough. I have to reboot the server to restore service.
I see BSS 3.2 has a block list? Can I upgrade to 3.2 or must I upgrade to the latest version?

Mike · Post by **Mike** » Tue May 21, 2024 11:18 am

I strongly recommend that you upgrade your Brekeke SIP Server to the latest version.
The version 3.0.6.3 that you are using is very old, which released 12 years ago.
https://docs.brekeke.com/sip/sip-history

After you installed the latest version, enable the Block List feature.
https://docs.brekeke.com/avoid-attacks/

wayne106 · Post by **wayne106** » Tue May 21, 2024 1:36 pm

Mike wrote:I strongly recommend that you upgrade your Brekeke SIP Server to the latest version.

Thanks Mike, but I guess that means a box rebuild to get a new OS, newer Java and newer tomcat. I was hoping for a quick fix for now until I have the time to rebuild. Can you make available 3.2 please?

Regards

Wayne

Mike · Post by **Mike** » Tue May 21, 2024 2:44 pm

The 3.2 is also old (11 years ago) so it is not secure and stable enough in today's Internet.

My recommendation is to set up a new environment first based on the latest OS, java and Brekeke SIP Server first with an evaluation license.
Once you confirm it, transfer the license from the current 3.0.6.3 setup.