SIP Attacks Originating from Amazon EC2 IP Addresses
So all may not be well in the cloud. Or at least Amazon's cloud.
Lately, there have been an awful lot of issues around, in particular, Amazon's web services cloud. Apparently, there are quite a few SIP brute force attacks originating from EC2 IP addresses, and they appear to be getting more common.
The attacks have been detailed at sites including VoIP Tech Chat (who has also published Amazon's reponse), Stuart Sheldon's blog, and others, and no one seems to know quite what to do. This includes Amazon, the gist of who's response thus far has been an explanation of how the EC2 IP addresses change, and therefor tracking the attackers isn't going to happen.
The problem here is that should the attacks continue to rise, should Amazon's web services end up being the source of a large number of various attacks, many administrators may well bar traffic from the entire cloud. Which would suck.