For the last week or two, my email alerts about blocked IPs has rather blown up. Anybody else seeing many of these? Example: Code: Request from 126.96.36.199 are rejected/blocked by Anti hacking modue because of security breach The IP 188.8.131.52 has been blacklisted for 201 sec. Reason: Requests rate is too high! Somewhat odd.. the duration varies between address.. but the settings don't really reflect these values at all. Anyway, I'm starting to clamp down on firewall rules to block inbound SIP for most of the world.. considering just allowing to the SIP provider(s) and forcing a tunnel for remote extensions (via softphone and via SBC for handset). Given I don't have any remote handsets outside of North America, I started with blocking most of IPv4 which isn't ARIN. Globetrotters won't be taking handsets, can provision their softphones to tunnel.