APIBAN's Avatar

APIBAN

@apiban.org

APIBAN helps prevent unwanted SIP and HTTP/s traffic by identifying addresses of known bad actors before they attack your system. #SIP #VoIP #RTC #webrtc https://www.apiban.org https://github.com/apiban

32
Followers 55
Following 15
Posts 18.11.2024
Joined
Posts Following

Latest posts by APIBAN @apiban.org

Preview
February 2026: TURN security series, libvpx VP9 overflow, Grandstream RCE, coturn fixes RTCSec newsletter for February 2026 covering Enable Security's TURN server security blog series, libvpx VP9 encoder heap overflow in Chrome and Firefox, Grandstream GXP1600 unauthenticated RCE with ca...

Time for me to say... "There are those who read what @sandrogauci.bsky.social and @enablesecurity.bsky.social write and those who wish they had."

Also, very honored to have @apiban.org make the newsletter -- in a good way. ;)

#security #rtc #sip

www.enablesecurity.com/newsletter/2...

26.02.2026 17:39 πŸ‘ 1 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Kamailio v6.1.0 Release Notes – The Kamailio SIP Server Project

#Kamailio v6.1.0 released!!

Thank you to @miconda.bsky.social and all the Kamailio developers.

Read more: www.kamailio.org/w/kamailio-v...

18.02.2026 16:55 πŸ‘ 0 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
Preview
TURN Security Threats: A Hacker's View TURN servers are powerful proxies abused for internal network access, C2 operations, and DDoS attacks. Threat analysis from years of research and pentesting.

TURN servers are meant to relay WebRTC media. To an attacker, they're just proxies.

We wrote up the threats we've been finding since 2017: relay abuse, DoS amplification, and software vulns.

www.enablesecurity.com/blog/turn-se...

12.02.2026 10:52 πŸ‘ 2 πŸ” 3 πŸ’¬ 0 πŸ“Œ 1

Wrote up our RTCon 2025 talk on TURN security threats.

www.enablesecurity.com/blog/turn-se...

12.02.2026 10:53 πŸ‘ 2 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
Preview
APIBAN - 2025 year in review Happy New Year! Lets start 2026 off by looking at tha last year from an APIBAN point of view. The 2025 year in review.

2025: The Year in Review (for unwanted SIP/HTTP traffic)

apiban.org/2025.html

06.02.2026 15:45 πŸ‘ 1 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
January 2026: Cisco UCM zero-day, 39C3 telco talks, FreePBX exploitation January 2026 RTCSec newsletter: Cisco UCM zero-day, 39C3 telco talks, FreePBX web shell in the wild, Element Call, voice AI risks, Yealink RPS CVE, and more

There are those who read what @sandrogauci.bsky.social and @enablesecurity.bsky.social write... and those who wish they had.

www.enablesecurity.com/newsletter/2...

#voip #security #rtc #freepbx

30.01.2026 16:00 πŸ‘ 3 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
ClueCon Weekly with Daniel-Constantin & Fred Posner [Sn. 15 Ep. 21]: Kamailio 6.1
ClueCon Weekly with Daniel-Constantin & Fred Posner [Sn. 15 Ep. 21]: Kamailio 6.1 YouTube video by FreeSWITCH

Was honored to chat with @miconda.bsky.social and Luca about #kamailio and #kamailioworld on ClueCon Weekly.

www.youtube.com/watch?v=czDp...

30.01.2026 16:04 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
Upgrade Postgres 13 to 17 The upcoming version of Matrix Synapse drops support for PostgreSQL 13. This is how I upgraded our deployments.

The upcoming version of #Matrix Synapse drops support for PostgreSQL 13.

If you're like me, and rarely use PostgreSQL... upgrading can create a bit of anxiety.

www.fredposner.com/upgrade-post...

20.11.2025 15:11 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

Amazon AWS is a single point of failure.

20.10.2025 22:19 πŸ‘ 3 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

AWS is a single point of failure.

20.10.2025 10:04 πŸ‘ 3 πŸ” 1 πŸ’¬ 1 πŸ“Œ 0
A view out of the window of an easyJet airplane. Rain on the window

A view out of the window of an easyJet airplane. Rain on the window

A graphic showing the title of the talk Dan is giving

A graphic showing the title of the talk Dan is giving

Off to Krakow for a few days to attend the RTC.ON conference hosted by @swmansion.com ! Looking forward to seeing friends and meeting new contacts.

I’ll be speaking tomorrow about running WebRTC on low powered devices.

17.09.2025 05:37 πŸ‘ 2 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
Banner for Antonio Bevilacqua's presentation at RTC.ON, called "From RTP Streams to AI Insights: Building Real-Time AI Pipelines with Juturna and Janus"

Banner for Antonio Bevilacqua's presentation at RTC.ON, called "From RTP Streams to AI Insights: Building Real-Time AI Pipelines with Juturna and Janus"

If you're in Krakow for RTC.ON, don't miss the presentation my colleague Antonio will make there! He's been working on a new cool project called #Juturna for real-time AI pipelines, which we've been using with #Janus ourselves. The event is usually streamed, so I'll share a link when I have one πŸ™

17.09.2025 10:22 πŸ‘ 3 πŸ” 2 πŸ’¬ 0 πŸ“Œ 1
ClueCon 2025 | Fred Posner: Scaling & Moving User Registrations/Locations/Presence - FS to Kamailio
ClueCon 2025 | Fred Posner: Scaling & Moving User Registrations/Locations/Presence - FS to Kamailio YouTube video by FreeSWITCH

My presentation from #ClueCon was posted on YouTube =) www.youtube.com/watch?v=7omz...

05.09.2025 18:32 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Post image Post image

Next up at ClueCon... @miconda.bsky.social talking about #Kamailio and Lua

05.08.2025 15:15 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Post image Post image

David Duffett gives a presentation on presenting presentations for an inception inducing presentation at #ClueCon2025

05.08.2025 16:29 πŸ‘ 1 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
GitHub - apiban/apiban-client-nftables: nftables go client nftables go client. Contribute to apiban/apiban-client-nftables development by creating an account on GitHub.

Did you know we have an open source integration with nftables? It allows you to control how long ips are blocked. Would love a star if you could.

github.com/apiban/apiba...

31.07.2025 23:25 πŸ‘ 1 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
July 2025: Rtpengine fixes, RTC conferences and showers of vulnerabilities July 2025 RTCSec newsletter: Rtpengine fixes, RTC conferences and showers of vulnerabilities

I say it monthly... "There are those who read what @sandrogauci.bsky.social and @enablesecurity.bsky.social write... and those who wish they had."

Big items in this month's newsletter.

www.enablesecurity.com/newsletter/2...

#sip #voip #rtp

31.07.2025 18:32 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
See you at ClueCon 2025 Cluecon, a conference centered around FreeSWITCH, VoIP, and WebRTC, will be held in Chicago from August 4-7th, 2025. This year, I will present regarding migrating users from FreeSWITCH to registering ...

See you at ClueCon2025! www.fredposner.com/going-to-clu...

30.07.2025 19:38 πŸ‘ 3 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
CitrixBleed 2 exploitation started mid-Juneβ€Šβ€”β€Šhow to spot it CitrixBleed 2β€Šβ€”β€ŠCVE-2025–5777β€Šβ€”β€Šhas been under active exploitation to hijack Netscaler sessions, bypassing MFA, globally for a month.

New by me - although Citrix say there is no evidence of exploitation of CitrixBleed 2 vulnerability, they are wrong - it has been under active exploitation since mid June by an IP associated to a ransomware group, with multiple IP addresses now involved.

doublepulsar.com/citrixbleed-...

08.07.2025 14:46 πŸ‘ 80 πŸ” 34 πŸ’¬ 4 πŸ“Œ 0
A New Adventure: Introducing FusionPBX… again – Nerd Vittles

Love the inclusion of APIBAN.... thanks @nerduno.bsky.social nerdvittles.com/a-new-advent...

27.06.2025 18:55 πŸ‘ 3 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

A New Day for Serious VoIP Developers #FusionPBX #FreeSWITCH #VoIP #NerdVittles

nerdvittles.com/a-new-advent...

25.06.2025 12:37 πŸ‘ 1 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
GitHub - apiban/apiban-client-nftables: nftables go client nftables go client. Contribute to apiban/apiban-client-nftables development by creating an account on GitHub.

New feature for apiban-client-nftables: flushafter

You can now adjust how long to keep the apiban addresses blocked in nftables (default period is 1 week).

github.com/apiban/apiba...

26.06.2025 16:10 πŸ‘ 1 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
Kamailio World 2025: Thoughts Kamailio World 2025 took place in Berlin, DE from May 12-13th, 20025. A great event with amazing presentations and community. Can't wait for Kamailio World 2026.

Blogged: Kamailio World 2025 Thoughts www.fredposner.com/kamailio-wor...

09.06.2025 17:54 πŸ‘ 4 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0

Nice comparison chart in the post.

27.05.2025 11:35 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
RTCSec Newsletter - a monthly newsletter about VoIP and WebRTC security Curated VoIP and WebRTC security news, research and updates by Enable Security.

The latest newsletter from @enablesecurity.bsky.social is out and as I always say...

There are those who read what @sandrogauci.bsky.social writes, and those who wish they had.

www.enablesecurity.com/newsletter/

(subscribe link right at the top)

#voip #webrtc #sip #security #kamailio

29.05.2025 17:26 πŸ‘ 4 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
Philips Hue attempts to contact IPs in China

Philips Hue attempts to contact IPs in China

My Philips Hue bridge really wants to know the time in China. Like really, really badly.

29.05.2025 18:04 πŸ‘ 0 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Kamailio World Conference 2025

This is the day! #KamailioWorld Conferece 2025 starts at 9:00am, Berlin, Germany: www.kamailioworld.com/k2025/ It is going to be two intense days, packed with presentations, attended by a full house! You can watch the live stream at: www.youtube.com/@KamailioWorld #opensource #telephony #voip #vonr

12.05.2025 05:26 πŸ‘ 6 πŸ” 2 πŸ’¬ 0 πŸ“Œ 1
Post image

Full house here at #kamailioworld. I love my row. @danjenkins.bsky.social @lminiero.it

12.05.2025 07:42 πŸ‘ 5 πŸ” 1 πŸ’¬ 1 πŸ“Œ 0
Kamailio World 2025 - Day 1
Kamailio World 2025 - Day 1 YouTube video by Kamailio World

Kamailio World 2025 has started! I'll do my presentation on #RoQ (RTP over #QUIC) later today, at 4.50pm Germany time. You can watch the live stream here!

www.youtube.com/watch?v=p4Zr...

12.05.2025 08:06 πŸ‘ 6 πŸ” 4 πŸ’¬ 0 πŸ“Œ 0
Post image

Next up is David Duffet presenting at #KamailioWorld on behalf of Simwood. Navigating the decline of minute revenue.

12.05.2025 09:11 πŸ‘ 1 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0