We recently made some dramatic enhancements to the APIBAN infrastructure. As I joked on Mastodon, I must be getting older as these improvements were made well before an emergency.
If you’re not familiar, APIBAN helps prevent unwanted SIP traffic by identifying addresses of known bad actors before they attack your system. Bad actors are collected through globally deployed honeypots and curated by LOD. You can access this data via API or automatically block the traffic with our open source client.
Cisco and Juniper Support
The new enhancements allowed the addition of two more formats for the
ipset function — Cisco format and Juniper format.
These formats will allow you to integrate the data into popular security products from Cisco and Juniper; hopefully improving the security of your SIP servers.
APIBAN started from discussions at tech conferences (in particular Kamailio World). Most of the attendees had seen increases in malicious SIP traffic and we all thought there should be a way to share the active “bad actors.”
When I found myself with some downtime, and with the support of LOD, some honeypots were deployed… and API made to share the data, and APIBAN was born.
APIBAN is a free service thanks to our generous sponsors.