Apparently this friendly-scanner thing is pretty well known: https://blog.kolmisoft.com/sip-attack-friendly-scanner/
At least it’s cheerful!
Yeah, spin up a SIP server on any public cloud instance and within minutes you’ll start seeing your neighborhood friendly-scanners hitting your server.
That is awesome that the author resolved the issue with just a simple script. Very clever. There are known SIP user-agents that should just be blocked outright since no honest actor is using them. There is also Kamailio’s anti-flood machanisms to help protect your SIP network.
Wow, thanks for linking Drachtio (link is broken but I looked it up). Seems awesome.
Where I used to work we had a list of about 16 user agents that were just instantly dropped, lol.
Fixed the link. Yeah, it’s really cool and fun to work with. Getting to do SIP directly in a programming language is nice. All the SIP server configs get cumbersome. The creator has a lot of good example projects on his github. If you need any help feel free to message me.