ASBCE Remote Worker - HOW TO FIND HACKING ATTEMPTS

[jimbojimbo]

If you have an Avaya ASBCE configured for remote worker, you're probably subject to hacking attempts. It is strongly suggested to place the ASBCE external interface in a DMZ behind a firewall. Even so. SIP and HTTPS services have to be exposed on the internet.

For SIP hacking attempts the ASBCE EMS Web Interface gives you easy access to "Incidents" from the top menu. The source IP Address will tell you where the hacking attempt is coming from. I see hacking attempts daily. There are many internet services which provide IP lookup. I use whatismyip.com which gives a simple ARIN output. You can then put it IP Address or Address Range (I always put the address range when I find it is a hosted service since I never expect SIP user clients to be on hosted services) into the DMZ Services>Firewall>Blacklist.

For HTTP hacking attempts you can go into the SBC command line and review
/archive/log/tracesbc/tracesbc_http/access.log

There can be too much data to swim through due to clients accessing the AADS and PPM services so just start by looking for 403 errors. Back to whatsmyip.com and the blacklist.

I will typically send an e-mail to the abuse e-mail address from the ARIN record just to let them know I've blocked all traffic to/from their service. Most hosted solution providers don't seem to do much (in my opinion). I think they feel insulated by section 230 and the lack of interest from the FBI Cybercrimes unit unless there is a significant $$$ loss associated with the hack.

You may want to start off with Blacklist rules for NetSysResearch, Censys and Shodan scanners. This will help limit your exposure to hackers who use these services to find targets.

There is no easy way natively to import a set of firewall blacklist rules into the SBC. The 8.1.X ASBCE does have an API service available so if I ever get the time I'll look to see if it is possible to import the firewall rules.

 

[kyle555]

I asked them to have a dynamic blacklist. Firewalls have it where they get a list of new bad actors to block each day. No reason Avaya can't send that.

Otherwise, you can limit which URLs the SBCs pass on the reverse proxy configuration.

I was always of the opinion that you should be able to have SBC for Workplace only and require a good AADS connection to keep your SIP client up. Also, have a config that only allows Avaya AST, so SIP register terminates if there's no PPM on that registration.

Also, Shodan is fun. They had a $1 for life subscription a while ago. You can search for web servers by "common name of certificate" and find CU360s on the open internet with default passwords

 

[jimbojimbo]

As a best practice you should be limiting the depth of the acceptable URL list on the reverse proxy. For example, AAfD and Workplace licensing would be /WebLM/LicenseServer. Of course you should never put any device directly on the Internet with a default login/password.

The Dynamic firewall list is nice however what I have been seeing lately is the bad actors are purchasing (or stealing) hosted compute in order to get around geo lists and attack directly with US based IPv4. I've been attacked from Google, AWS, and Azure cloud space. Unfortunately the US Government is inept. They should have forced providers to segment foreign entities onto a specific IPv6 space. Doesn't help when FBI Cyber won't pursue without a significant financial loss. The hackers pretty much have free reign. Hosted providers know this and with Section 230 they have little to no incentive to actively pursue. It seems most abuse e-mails go into black holes. Providers are also under no obligation to provide you any type of IP Address space listing so you have to hunt it down.

Shodan has moved around so any IP list from a couple of years ago is useless. Hackers are more than happy to let Shodan do all the heavy lifting and find targets for them. I think the current price is $49 for a lifetime membership. My opinion is if you are going to scan for open ports, devices, and services then publish the information in a searchable format for basically anyone to use then you are a hacker.

 

[kyle555]

I don't think the US govt is inept. There's just no way they can track it.
At least when Shodan publishes it, the world can see how many people really are running Apache 2.2.whatever with critical vulnerability X. Without that kind of innocent recon there'd be no way of knowing how many possible targets there are for any given new vulnerability. It's not like the bad guys need Shodan to do that part for them anyway.

When you say you've been attacked from various cloud providers, do you mean relentlessly with DDoS style attacks? If it's just bottom feeders looking for a free trunk, it's about the same as dialing in and checking for weak mailbox passwords. I doubt that's bad people signing up for cloud services and more like bad people finding weak security on their customers virtual machines and compromising them to look for places they can route free phone calls.

But even if that's the case, then your remote worker SBC should probably have everything in data centers blacklisted anyway. That's not where standard residential and business internet is from nor is it where iPhones and Windows PCs are coming from. If you weeded those out, you'd be left with the botnets running on people's home PCs.

There have been some major voip DDoS attacks lately. They started the day the US dropped charges on Huawei princess Meng Wanzhou and Canada let her out. Could this big DDoS against one of the biggest VOIP providers in the US been a state actor? In my opinion, yes. There doesn't seem to be any profit motive out of it.

FBI Cyber is interested in things like that. It's straight up economic terrorism.

https://status.bandwidth.com/

Bandwidth 
BANDWIDTH.COM SUPPORT CENTER 

Welcome to Bandwidth's home for network updates. Here, you will find information pertinent to outages, scheduled maintenance, and general notices with real-time updates.

 Inbound Calling ServicesOperational
 Outbound Calling ServicesOperational
Bandwidth International (fka Voxbone) Voice ServicesOperational
 Application Platform Add On ServicesOperational
 Messaging ServicesOperational
Bandwidth International (fka Voxbone) Messaging ServicesOperational
 International A2P MessagingOperational
 International A2P Messaging Regional ConnectivityOperational
 Number Management ServicesOperational
 9-1-1 ServicesOperational
 Direct Network ConnectionOperational
WebRTCOperational
SIP TrunkingOperational
 Local Market Status ?Operational
 SupportOperational
 PortalsOperational
Scheduled Maintenance
SMS Messaging Maintenance - DFWOct 12, 00:00-02:00 EDT
Bandwidth will be performing maintenance on our messaging platform. There will be a brief delay in SMS messaging service in DFW. Binds to DFW will bounce but messages will be queued and delivered once DFW comes back online.

All traffic going to LAX will be unaffected during this event. Customers may choose to point all traffic to LAX to ensure no interruption to service.

For assistance defining your specific geo-redundant location or for any additional clarification, please reach out to our Customer Success Team via the bandwidth.com/support portal.
Posted on Oct 1, 09:50 EDT
Messaging Maintenance (V2 SMS)Oct 22, 00:00-01:00 EDT
Bandwidth will be performing maintenance on the V2 SMS messaging platform. There will be no impact to the delivery of messages during the window, however, customers may not receive delivery receipts for messages for a brief portion of the maintenance.
Posted on Oct 8, 12:50 EDT
Past Incidents
Oct 10, 2021
No incidents reported today.

Oct 9, 2021
No incidents reported.

Oct 8, 2021
Local Market Maintenance - 344 - Saginaw, MI
Completed - The scheduled maintenance has been completed.
Oct 8, 04:00 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Oct 8, 00:01 EDT
Scheduled - Bandwidth's downstream vendor will be performing maintenance that will affect inbound calling to customers in the following market for the duration of the maintenance:

344 - Saginaw, MI

We do not anticipate any service disruption to outbound calling during this maintenance.
Oct 7, 11:38 EDT
Messaging Maintenance (V2 SMS)
Completed - The scheduled maintenance has been completed.
Oct 8, 01:01 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Oct 8, 00:00 EDT
Scheduled - Bandwidth will be performing maintenance on the V2 SMS messaging platform. There will be no impact to the delivery of messages during the window, however, customers may not receive delivery receipts for messages for a brief portion of the maintenance.
Sep 27, 12:35 EDT
Oct 7, 2021
Off-Net Porting Delays
Resolved - The backlog from this incident has been cleared and we're considering the incident resolved.
Oct 7, 10:37 EDT
Update - Bandwidth has resolved the underlying issue with our vendor and we're working on clearing pending orders. All orders going forward should process normally. We will provide an update once a fix has been implemented to clear the pending orders.
Oct 6, 17:33 EDT
Update - Bandwidth has resolved the underlying issue with our vendor and we're working on clearing pending orders.
Oct 6, 10:26 EDT
Update - We are continuing to work on fixing the underlying issue and we'll provide further updates as they become available.
Oct 5, 11:30 EDT
Update - We are continuing to work on fixing the underlying issue and we'll provide further updates as they become available.
Oct 5, 08:15 EDT
Update - We are continuing to work on fixing the underlying issue and we'll provide further updates as they become available. Our next update will be at 9am tomorrow morning unless we have an actionable update sooner.
Oct 4, 17:09 EDT
Identified - Bandwidth has identified an issue that is affecting off-net (Lumen) porting activations in the BW dashboard. Ports are completing with Lumen, but not activating in our dashboard, which can cause OOS problems for the ported numbers. The relevant teams are currently engaged working to implement a fix. For urgent activations, please contact the the porting team.
Oct 4, 15:48 EDT
Bandwidth Local Market Impairment - LATA 562 Beaumont, TX.
Resolved - Services have been restored
Oct 7, 10:28 EDT
Update - We are continuing to work on a fix for this issue.
Oct 7, 01:33 EDT
Identified - We are experiencing an issue on the Bandwidth network affecting Local Inbound calls to your customers in this area. Inbound long-distance and Outbound calling are not impacted.

We are currently working with our carrier for resolution.
Oct 7, 01:33 EDT
Local Market Maintenance - 640 - Sioux Falls, SD
Completed - The scheduled maintenance has been completed.
Oct 7, 05:00 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Oct 7, 01:00 EDT
Scheduled - Bandwidth's downstream vendor will be performing maintenance that will affect inbound calling to customers in the following market for the duration of the maintenance:

640 - Sioux Falls, SD

We do not anticipate any service disruption to outbound calling during this maintenance.
Oct 6, 13:17 EDT
Messaging Maintenance - Toll Free MMS/SMS
Completed - The scheduled maintenance has been completed.
Oct 7, 03:00 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Oct 6, 23:04 EDT
Scheduled - Bandwidth's downstream vendor will be performing maintenance that will potentially affect Bandwidth's Toll Free MMS/SMS messaging platform. During this maintenance window, brief periods of latency affecting inbound and outbound Toll Free MMS/SMS may be encountered.
Oct 6, 13:13 EDT
Oct 6, 2021
Inbound Toll Free Incident
Resolved - Bandwidth teams have observed expected inbound Toll Free traffic with regards to Verizon’s network. We consider this incident resolved.
Oct 6, 23:51 EDT
Monitoring - Bandwidth teams are currently observing expected inbound Toll Free voice traffic. We will continue to monitor.
Oct 6, 23:31 EDT
Identified - A small subset of inbound Toll Free voice traffic remains impacted by this incident. Inbound calls may not complete as expected.
Oct 6, 22:39 EDT
Monitoring - Bandwidth teams are currently observing expected inbound Toll Free voice traffic. We will continue to monitor.
Oct 6, 22:20 EDT
Update - We continue work to reduce this service disruption.
Oct 6, 21:59 EDT
Identified - Bandwidth has identified an incident in the Verizon network impacting a small subset of inbound Toll Free calls. Teams are taking action to reduce this service disruption.
Oct 6, 21:40 EDT
Phone Support Incident
Resolved - Bandwidth Phone Support has restored and inbound calls are processing as expected.
Oct 6, 23:48 EDT
Update - Bandwidth has identified an incident impacting inbound calls to our support line. For assistance, please open a support ticket at support.bandwidth.com.
Oct 6, 23:17 EDT
Identified - Bandwidth has identified an incident impacting inbound calls to our support line. For assistance, please open a support ticket at support.bandwidth.com.
Oct 6, 22:32 EDT
Bandwidth International Network Incident
Resolved - After prolonged monitoring and expected network behavior. We consider this incident closed.
Oct 6, 13:27 EDT
Update - Bandwidth teams are currently observing expected network behavior. We will continue to monitor for prolonged stability.
Oct 5, 07:25 EDT
Monitoring - Bandwidth teams are currently observing expected network behavior. We will continue to monitor for stability.
Oct 4, 15:07 EDT
Identified - We have identified the cause of this service disruption, and are working to fully restore services. You may begin to see expected Voice and Messaging traffic behavior.
Oct 4, 14:00 EDT
Investigating - We are currently investigating an incident impacting Voice and Messaging. All teams are actively engaged.
Oct 4, 12:15 EDT
911, Inbound & Outbound Voice, V2 Voice, Portal and API, Messaging Incident
Resolved - After prolonged monitoring and expected network behavior. We consider this incident closed.
Oct 6, 13:27 EDT
Update - Bandwidth has continued to observe network stability and will continue to monitor.
Oct 5, 07:26 EDT
Update - Bandwidth has continued to observe network stability and will continue to monitor.
Oct 4, 15:32 EDT
Update - Bandwidth has continued to observe network stability and will continue to monitor.
Oct 2, 14:31 EDT
Monitoring - Bandwidth has continued to observe network stability and will continue to monitor.
Sep 30, 16:57 EDT
Investigating - Bandwidth teams are investigating Dashboard Portal and API latency with intermittent time-outs. All teams are actively engaged.
Sep 30, 16:49 EDT
Update - Bandwidth has continued to observe network stability and will continue to monitor.
Sep 30, 13:59 EDT
Monitoring - Bandwidth teams are observing expected network behavior with successful call completion. We will continue to monitor and provide updates accordingly.
Sep 29, 21:22 EDT
Identified - Bandwidth has identified the cause of service disruptions for Standard Voice Calls. We are currently observing standard network and call behavior for 911 Calls, Messaging, Portals & APIs and will continue to monitor those services for continued stability.
Sep 29, 20:53 EDT
Update - Bandwidth teams are currently investigating an incident impacting, 911 Calling, Inbound and Outbound Voice, V2 Voice, Portals, and associated APIs, and Messaging. Customers may experience failed calls, portal & API latency, or time outs, delayed or failed messages.
Sep 29, 19:47 EDT
Update - Bandwidth teams are currently investigating an incident impacting, 911 Calling, Inbound and Outbound Voice, V2 Voice, Portals, and associated APIs. Customers may experience failed calls, portal & API latency, or time outs.
Sep 29, 19:42 EDT
Update - We are continuing to investigate this incidnet.
Sep 29, 19:24 EDT
Investigating - Bandwidth teams are currently investigating an incident impacting, Inbound and Outbound Voice, V2 Voice, Portals, and associated APIs. Customers may experience failed calls, portal & API latency, or time outs.
Sep 29, 19:23 EDT
Monitoring - Bandwidth teams are observing expected network behavior with successful call completion. We will continue to monitor and provide updates accordingly.
Sep 29, 18:00 EDT
Identified - Bandwidth teams have identified the incident impacting Inbound and Outbound calling at this time. Customers may experience intermittent call failures or voice quality issues and/or one-way audio scenarios. All teams are actively engaged.
Sep 29, 17:06 EDT
Update - Bandwidth teams are currently investigating an incident impacting Inbound and Outbound calling at this time. Customers may experience intermittent call failures or voice quality issues and/or one-way audio scenarios. All teams are actively engaged.
Sep 29, 15:58 EDT
Update - Bandwidth teams are currently investigating an incident impacting Inbound and Outbound calling at this time. Customers may experience intermittent call failures or voice quality issues and/or one-way audio scenarios. All teams are actively engaged.
Sep 29, 15:04 EDT
Update - Bandwidth teams are currently investigating an incident impacting Inbound and Outbound calling at this time. Customers may experience intermittent call failures or voice quality issues and/or one-way audio scenarios. All teams are actively engaged.
Sep 29, 14:03 EDT
Investigating - Bandwidth teams are currently investigating an incident impacting Inbound and Outbound calling at this time. Customers may experience intermittent call failures or voice quality issues. All teams are actively engaged.
Sep 29, 13:01 EDT
Local Market Maintenance - Multiple Markets
Completed - The scheduled maintenance has been completed.
Oct 6, 07:00 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Oct 6, 00:00 EDT
Scheduled - Bandwidth's downstream vendor will be performing maintenance that will affect inbound calling to customers in the following local markets for the duration of the maintenance:

256 - Clarksburg, WV
344 - Saginaw, MI
640 - Sioux Falls, SD

We do not anticipate any service disruption to outbound calling from these local markets during this maintenance.
Oct 5, 12:00 EDT
Messaging Maintenance - Toll Free MMS/SMS
Completed - The scheduled maintenance has been completed.
Oct 6, 03:00 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Oct 5, 23:02 EDT
Scheduled - Bandwidth's downstream vendor will be performing maintenance that will potentially affect Bandwidth's Toll Free MMS/SMS messaging platform. During this maintenance window, brief periods of latency affecting inbound and outbound Toll Free MMS/SMS may be encountered.
Oct 4, 13:10 EDT
Oct 5, 2021
Automatic Account Refill Incident
Resolved - Bandwidth teams have resolved Automatic Refills. At this time accounts along with Voice and Messaging traffic are behaving as expected.
Oct 5, 08:52 EDT
Investigating - Bandwidth teams are investigating an incident impacting Automatic Account Refilling. Some account may not have funds refill as expected. As such outbound calling and messaging may be impacted.
Oct 5, 08:04 EDT
Oct 4, 2021
Bandwidth Local Market Impairment - LATA - 446 - Macon, GA
Resolved - Services restored while carrier was testing. Bandwidth can confirm all services are restored. This incident is being resolved.

Start Time: 10/04/2021 13:31 ET

Stop Time: 10/04/2021 13:36 ET
Oct 4, 16:27 EDT
Investigating - We are experiencing an issue on the Bandwidth network affecting Local Inbound calls to your customers in this area. Inbound long-distance and Outbound calling are not impacted.

We are currently working with our carrier for resolution.
Oct 4, 13:41 EDT
Oct 3, 2021
No incidents reported.

Oct 2, 2021
Bandwidth Local Market Impairment - 350 - Appleton, WI
Resolved - This incident has been resolved.
Oct 2, 09:57 EDT
Update - We are continuing to monitor for any further issues.
Oct 2, 05:57 EDT
Update - We are continuing to monitor for any further issues.
Oct 1, 22:14 EDT
Monitoring - We have observed services in this market have recovered and our carrier is finalizing repairs. This incident will be resolved when we confirm all repairs are complete.
Oct 1, 18:15 EDT
Investigating - We are experiencing an issue on the Bandwidth network affecting Local Inbound calls to your customers in this area. Inbound long-distance and Outbound calling are not impacted.

We are currently working with our carrier for resolution.
Oct 1, 14:15 EDT
Oct 1, 2021
Local Market Maintenance - Multiple Markets
Completed - The scheduled maintenance has been completed.
Oct 1, 05:00 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Oct 1, 00:01 EDT
Scheduled - Bandwidth's downstream vendor will be performing maintenance that will affect inbound calling to customers in the following local markets for the duration of the maintenance:

254 - Charleston, WV
334 - Fort Wayne, IN
338 - Bloomington, IN
922 - Cincinnati, OH
923 - Mansfield, OH
927 - Harrisonburg, VA

We do not anticipate any service disruption to outbound calling from these local markets during this maintenance.
Sep 30, 13:10 EDT
Sep 30, 2021
Messaging Maintenance - SMS
Completed - The scheduled maintenance has been completed.
Sep 30, 07:00 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Sep 30, 01:04 EDT
Scheduled - Bandwidth's downstream vendor will be performing maintenance that will potentially affect Bandwidth's SMS messaging platform. During the maintenance window, Bandwidth's customers may experience a delay in the delivery of inbound and outbound SMS messages.
Sep 29, 11:32 EDT
Messaging Maintenance - Toll Free MMS/SMS
Completed - The scheduled maintenance has been completed.
Sep 30, 03:00 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Sep 29, 23:03 EDT
Scheduled - Bandwidth's downstream vendor will be performing maintenance that will potentially affect Bandwidth's Toll Free MMS/SMS messaging platform. During this maintenance window, brief periods of latency affecting inbound and outbound Toll Free MMS/SMS may be encountered.
Sep 29, 11:09 EDT
Sep 29, 2021
Inbound Calling Incident
Resolved - Bandwidth is resolving this isolated Verizon Wireless incident.
Sep 29, 14:05 EDT
Monitoring - Bandwidth teams have worked with Verizon Wireless to address these inbound call issues. At this time we are seeing expected call behavior with regards to this incident. We will continue to monitor.
Sep 29, 12:58 EDT
Update - Bandwidth is currently investigating an incident impacting inbound calls from Verizon Wireless to the Bandwidth network. Inbound calls may experience intermittent failures.
Sep 29, 11:52 EDT
Update - Bandwidth is currently investigating an incident impacting inbound calls from Verizon Wireless to the Bandwidth network. Inbound calls may experience intermittent failures.
Sep 29, 10:57 EDT
Investigating - Bandwidth is currently investigating an incident impacting inbound calls from Verizon Wireless to the Bandwidth network. Inbound calls may experience intermittent failures.
Sep 29, 09:46 EDT
Messaging Maintenance - SMS/MMS
Completed - The scheduled maintenance has been completed.
Sep 29, 06:00 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Sep 29, 02:01 EDT
Scheduled - Bandwidth's downstream vendor will be performing maintenance that will potentially affect Bandwidth's SMS/MMS messaging platform. During the maintenance window, Bandwidth's customers may experience a delay in the delivery of inbound and outbound SMS/MMS messages.
Sep 28, 13:58 EDT
Local Market Maintenance - 640 - Sioux Falls, SD
Completed - The scheduled maintenance has been completed.
Sep 29, 05:00 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Sep 29, 01:00 EDT
Scheduled - Bandwidth's downstream vendor will be performing maintenance that will affect inbound calling to customers in the following market for the duration of the maintenance:

640 - Sioux Falls, SD

We do not anticipate any service disruption to outbound calling during this maintenance.
Sep 28, 13:56 EDT
Sep 28, 2021
Standard Voice and V2 Voice Incident
Resolved - After observing continued network stability, we consider this incident resolved. Teams will continue to monitor our network. Should additional updates be needed, they will be posted here.
Sep 28, 23:31 EDT
Monitoring - Bandwidth teams are currently observing ongoing network stability. All call types are processing as expected at this time. We will continue to monitor and provide updates here as needed.
Sep 28, 22:53 EDT
Update - Bandwidth teams are actively investigating an incident impacting Standard Voice and V2 Voice calls with intermittent service disruptions.
Sep 28, 21:52 EDT
Update - Bandwidth teams are actively investigating an incident impacting Standard Voice and V2 Voice calls with intermittent service disruptions.
Sep 28, 20:54 EDT
Update - Bandwidth teams are actively investigating an incident impacting Standard Voice and V2 Voice calls with intermittent service disruptions.
Sep 28, 20:07 EDT
Update - Bandwidth teams are actively investigating an incident impacting Standard Voice and V2 Voice calls with intermittent service disruptions.
Sep 28, 18:58 EDT
Update - Bandwidth teams are actively investigating an incident impacting Standard Voice and V2 Voice calls with intermittent service disruptions.
Sep 28, 17:52 EDT
Update - Bandwidth teams are actively investigating an incident impacting Standard Voice and V2 Voice calls with intermittent service disruptions.
Sep 28, 17:05 EDT
Update - Bandwidth teams are actively investigating an incident impacting Standard Voice and V2 Voice calls with intermittent service disruptions.
Sep 28, 15:52 EDT
Update - Bandwidth teams are actively investigating an incident impacting Standard Voice and V2 Voice calls with intermittent service disruptions.
Sep 28, 14:53 EDT
Update - Bandwidth teams are actively investigating an incident impacting Standard Voice and V2 Voice calls with intermittent service disruptions.
Sep 28, 14:00 EDT
Update - Bandwidth teams are actively investigating an incident impacting Standard Voice and V2 Voice calls with intermittent service disruptions.
Sep 28, 13:10 EDT
Update - Bandwidth teams are actively investigating an incident impacting Standard Voice and V2 Voice calls with intermittent service disruptions.
Sep 28, 11:46 EDT
Update - Bandwidth teams are actively investigating an incident impacting Standard Voice and V2 Voice calls with intermittent service disruptions.
Sep 28, 10:59 EDT
Investigating - Bandwidth teams are actively investigating an incident impacting Standard Voice and V2 Voice calls with intermittent service disruptions.
Sep 28, 10:05 EDT
Local Market Maintenance - Multiple Markets
Completed - The scheduled maintenance has been completed.
Sep 28, 07:00 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Sep 28, 01:00 EDT
Scheduled - Bandwidth's downstream vendor will be performing maintenance that will affect inbound calling to customers in the following local markets for the duration of the maintenance:

344 - Saginaw, MI
620 - Rochester, MN
626 - St. Cloud, MN
640 - Sioux Falls, SD

We do not anticipate any service disruption to outbound calling from these local markets during this maintenance.
Sep 27, 12:32 EDT
Messaging Maintenance - SMS/MMS
Completed - The scheduled maintenance has been completed.
Sep 28, 06:00 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Sep 28, 02:00 EDT
Scheduled - Bandwidth's downstream vendor will be performing maintenance that will potentially affect Bandwidth's SMS/MMS messaging platform. During the maintenance window, Bandwidth's customers may experience a delay in the delivery of inbound and outbound SMS/MMS messages.
Sep 27, 12:36 EDT
SMS Messaging Maintenance - DFW
Completed - The scheduled maintenance has been completed.
Sep 28, 02:00 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Sep 28, 00:00 EDT
Scheduled - Bandwidth will be performing maintenance on our messaging platform. There will be a brief delay in SMS messaging service in DFW. Binds to DFW will bounce but messages will be queued and delivered once DFW comes back online.

All traffic going to LAX will be unaffected during this event. Customers may choose to point all traffic to LAX to ensure no interruption to service.

For assistance defining your specific geo-redundant location or for any additional clarification, please reach out to our Customer Success Team via the bandwidth.com/support portal.
Sep 14, 14:01 EDT
Sep 27, 2021
V2 Voice, Standard Voice, 911, Portal & API, Porting, Toll-Free Messaging, New Number Ordering Intermittent Incident
Resolved - After continued network stability. We consider this incident resolved.
Sep 27, 20:03 EDT
Monitoring - Bandwidth teams are currently observing expected network behavior. Our teams will continue to monitor for network stability.
Sep 27, 19:28 EDT
Update - Bandwidth teams have observed expected 911 calling behavior. We will continue to monitor for 911 call stability.
Sep 27, 19:05 EDT
Update - Bandwidth teams have observed continued portal and portal API stability along with associated services. We will continue to monitor portals for ongoing stability.
Sep 27, 18:21 EDT
Update - Bandwidth teams continue to actively investigate this network incident.
Sep 27, 17:49 EDT
Update - Bandwidth teams have observed Toll-Free Messaging operate as designed. We will continue to monitor Toll-Free Messaging.
Sep 27, 17:36 EDT
Update - Bandwidth teams continue to actively investigate this network incident.
Sep 27, 17:00 EDT
Update - Bandwidth teams continue to actively investigate this network incident.
Sep 27, 16:09 EDT
Update - Bandwidth continues to investigate.
Sep 27, 15:10 EDT
Update - Bandwidth is also investigating an incident impacting the ability to order new numbers.
Sep 27, 14:29 EDT
Update - Bandwidth continues to investigate this incident.
Sep 27, 14:00 EDT
Update - Bandwidth teams are also investigating delays with Toll-Free Messaging at this time along with V2 Voice, Standard Voice, 911 traffic, Portal & API with intermittent service disruptions.
Sep 27, 13:01 EDT
Update - We continue to investigate this incident.
Sep 27, 11:57 EDT
Update - Bandwidth teams are also investigating delayed ports at this time along with V2 Voice, Standard Voice, 911 traffic, Portal & API with intermittent service disruptions.
Sep 27, 11:07 EDT
Update - We continue to investigate this incidnet.
Sep 27, 11:02 EDT
Update - Bandwidth teams are investigating an incident impacting Voice, V2 Voice, 911 traffic, Portal & API with intermittent service disruption.
Sep 27, 10:00 EDT
Update - Bandwidth teams are investigating an incident impacting Voice, V2 Voice, and 911 traffic with intermittent service disruption.
Sep 27, 09:42 EDT
Investigating - Bandwidth teams are investigating an incident impacting our V2 Voice services. Customers may notice intermittent service disruptions.
Sep 27, 09:12 EDT
Porting Incident
Resolved - We consider this incident resolved.
Sep 27, 09:53 EDT
Monitoring - Bandwidth teams are observing standard Porting behavior. We will continue to monitor port orders to ensure expected process flow.
Sep 27, 09:43 EDT
Investigating - Bandwidth teams are currently investigating an incident causing Porting delays. We are actively engaged with our industry partner.
Sep 27, 09:25 EDT
Messaging Maintenance - SMS
Completed - The scheduled maintenance has been completed.
Sep 27, 04:00 EDT
In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Sep 27, 01:02 EDT
Scheduled - Bandwidth's downstream vendor will be performing maintenance that will potentially affect Bandwidth's SMS messaging platform. During the maintenance window, Bandwidth's customers may experience a delay in the delivery of inbound and outbound SMS messages.
Sep 24, 13:44 EDT
Sep 26, 2021
Voice, 911, Messaging, and Portal Incident
Resolved - After continued monitoring with standard network behavior, Bandwidth considers this incident resolved.
Sep 26, 20:43 EDT
Monitoring - Bandwidth teams are observing network stability and monitoring Voice, 911, Messaging, Portal, & API services. At this time, the Bandwidth network is operating as designed.
Sep 26, 19:47 EDT
Update - Bandwidth portals are currently operating as designed along with associated APIs. We continue to monitor for prolonged stability.
Sep 26, 18:58 EDT
Update - Bandwidth teams are investigating a Portal and Portal API service incident. Users may experience an interment service degradation.
Sep 26, 18:00 EDT
Update - Bandwidth teams have observed expected call behavior for 911 calls. 911 calls are processing as designed and are fully restored. Teams continue to work on standard voice traffic.
Sep 26, 17:20 EDT
Update - We continue to work towards network stability. All teams remain actively engaged.
Sep 26, 16:45 EDT
Update - We continue to work on this incident.
Sep 26, 15:54 EDT
Update - As we continue to work on this incident, 911 has been and remains intermittently impacted. As such we recommend customers ensure their 911 calls can fail over to our geo-redundant data centers.
Sep 26, 14:45 EDT
Update - Bandwidth teams continue to work on this incident.
Sep 26, 14:25 EDT
Update - Bandwidth teams have observed expected messaging behavor across the network. Inbound and Outbound messaging services are functioning as designed.
Sep 26, 13:29 EDT
Update - At this time we are seeing portal and portal API functions restore with expected behaviors. We continue to work on Voice, 911, and Messaging services.
Sep 26, 13:27 EDT
Identified - Bandwidth teams have identified the cause of this incident and continue to work towards a resolution. All teams are actively engaged.
Sep 26, 12:35 EDT
Update - Bandwidth teams are now investigating delays with inbound and outbound messaging.
Sep 26, 11:45 EDT
Investigating - Bandwidth is investigating an incident impacting Voice and 911 Calls. These calls may experience unexpected failures. We are also investigating an incident impacting our Dashboard and 911 Portals, along with associated APIs being unresponsive. All teams are actively engaged at this time.
Sep 26, 11:41 EDT
← Incident HistoryPowered by Atlassian Statuspage

 

[biglebowski]

we get around 100-150 attempts per day for rogue registrations and call attempts on our remote worker SBC.

I've locked down the user-agent to be very specific i.e just for IX workplace v21 and enabled mutual TLS with a public cert on the outside interface and client certs that are renewed daily.

Biglebowskis Razor - with all things being equal if you still can't find the answer have a shave and go down the pub.

 

[jimbojimbo]

kyle555 - there are those looking for SIP connectivity. I've squashed most of it. The larger issue is the probing for HTTPS vulnerabilities which is why I review the SBC tracesbc_http logs on a daily basic.

The US government is definitely inept in my opinion.

What has the FCC CCR and CSRIC really done. They seem to have almost no authority. They can't even get E911 rolled out across the country.

Today most SIP service providers still use unsecured communication with many doing so over the internet. Where is the FCC requirement for TLS/SRTP? PCI-DSS and the CA Browser Forum have a bigger impact to securing communications.

Have you looked at NORS? What data is the FCC providing to the public? Probably requires a FOIA request for historical data and even then I expect a court battle. The February 23,2021 FCC Fact Sheet specifically states NORS filings are confidential. Agencies may only disclose aggregate and anonymized data. So much for transparency. What they are saying is they are serving the carriers and not the public interest.

 

[biglebowski]

There is also a company called Securelogix who provide VoiP security, I rolled it out years ago for the US Army in Europe and although it was only TDM back then it was a good product.

https://securelogix.com/

All of our guidance around voice security came from DISA and CERT (now CISA)

https://us-cert.cisa.gov/

https://www.disa.mil/

If they are anything like the UK NCSC they should provide guidance and white papers etc to civilian companies.

Biglebowskis Razor - with all things being equal if you still can't find the answer have a shave and go down the pub.