‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Wednesday, April 28, 2021 12:36 PM, <[email protected]> wrote:
> This seems concerning to me. Is there really no way for an operator to > mitigate this beyond choosing a random port and hoping no prospective > attacker figures out or otherwise deduces which port it is? ...or querying SHODAN for a list of hosts that are all running a STUN server on some port, for that matter. Rate limiting at the system level? Using local firewall rules to limit the amount of outbound STUN traffic to x packets per second, where x is a single digit integer? It won't stop abuse but it will slow it down significantly. The Doctor [412/724/301/703/415/510] WWW: https://drwho.virtadpt.net/ The old world is dying, and the new world struggles to be born. Now is the time of monsters.
