At about 9am yesterday morning, I noticed on the monitor that the CPU utilization of one of my servers was abnormally high, in addition to a sustained 1mbit/sec of inbound traffic and 2mbits/sec of outbound traffic. syslog messages from Asterisk showed it to be a SIP brute force attack, so I dropped the offending IP (an Amazon EC2 instance IP) into
/etc/idiots to block it and went back to my work.
A while later, I noticed the traffic still hadn't died down, so I reported the incident to Amazon and my server's network provider. No luck on either front; Amazon just sent back a form reply stating the incident was forwarded to the EC2 instance's owner (yeah, seriously) and the network provider said they wouldn't bother adding an ACL to their border equipment unless it was needed to protect their entire network. With the IP blocked on my server, the CPU utilization had died down and it was no longer sending out reply traffic, but I was worried about the inbound garbage traffic counting towards the server's monthly bandwidth cap.
"we" have been working pretty hard lately on corduroy, a web-based billing system for small businesses. the live demo site is available showing off its features and functionality and the signup system will be ready shortly to start taking subscriptions.
i started writing corduroy years ago out of a personal need for a billing system for superblock. i tried quickbooks and hated it; all i wanted was a simple system for making professional-looking invoices and keeping tabs on my accounts. so, i quickly ditched quickbooks and started writing a web-based system in ruby on rails which i have been using ever since.