211.99.122.18 = nomorefunn.moensted.dk ??


Yo, this is my first post. Just signed up last night. I'm not too familiar with SIP, RTP, etc but I am looking for secure communications and this looks like a decent thread to go with.... I think ;-).

Weird how that sight resolve the 211 address to a host in Denmark. It appears to be a portion of a block from the Asia Pacific (APNIC):
> 211.99.122.18
Server: e.root-servers.net
Address: 192.203.230.10

211.in-addr.arpa nameserver = NS-SEC.RIPE.NET
211.in-addr.arpa nameserver = TINNIE.ARIN.NET
211.in-addr.arpa nameserver = DNS1.TELSTRA.NET
211.in-addr.arpa nameserver = NS4.APNIC.NET
211.in-addr.arpa nameserver = NS1.APNIC.NET
211.in-addr.arpa nameserver = NS3.APNIC.NET

whois query from apnic.net has it reserved by a hotel... LOL. Whatever, I just thought it's strange because I got nomorefunn.moensted.dk from that site also. Anyway, UDP port 1434 is likely an SQL port, not related to VOIPo.
Looks like there's been a little spike on that port on May 18th:
http://isc.sans.org/port.html?port=1434
half the sources from May 17th but an additional 3,500 destinations.

Comcast hangs their ATA out on the public internet. My dad's AT&T ATA was the same. He's been using it for 4+ years that way and doesn't run into any service or billing issues other than an ATA going south after an update was pushed up to it. But their service sux and so does the $. I've been trying out Lingo the past week. They had me place it behind the my edge device and asked for UDP ports 1024-1030, 5060-5065 and 10000-20000 to be forwarded.

I'm not sure why the SOHO devices use the term DMZ when placing a host completely on the public internet. I thought a DMZ generally is - modem > router > firewall > DMZ > router > firewall > LAN (maybe with IDS in there as well), placing DNS, SMTP, WWW, FTP, etc services in DMZ and forwarding the necessary ports - in the case of SIP, I'm assuming that's forwarding of ports to accomodate the application and fault tolerance (failover).
I'm not that rich or need the enterprise infrastructure, especially since some dude from India took my job.... LOL- but I have - an edge device > DMZ > router with SPI > LAN then open up whatever ports are requested from the vendor, application, etc. As a rule I shy away from opening UDP ports but did it for a VPN concentrator well before the jobs were farmed out of "Dodge" :-). Oh, if you have a VLAN capable switch, maybe you could place your VoIP gear on their own virtual segment? I didn't bother.

I was going to ask you about encryption but I think that's out of the scope of this thread.

Anyway, I'm really excited to come on board with VoIPo because this community looks like a bunch a tweakers and I could learn from you guys as well as tweak ;-)