[asterisk-bugs] [JIRA] (ASTERISK-20722) Preventing Password attacks
Ron Wheeler (JIRA)
noreply at issues.asterisk.org
Fri Nov 23 21:42:45 CST 2012
Ron Wheeler created ASTERISK-20722:
--------------------------------------
Summary: Preventing Password attacks
Key: ASTERISK-20722
URL: https://issues.asterisk.org/jira/browse/ASTERISK-20722
Project: Asterisk
Issue Type: Improvement
Security Level: None
Components: Channels/chan_sip/Security Framework
Affects Versions: 10.8.0
Environment: All
Reporter: Ron Wheeler
When someone tries to attack a SIP account Asterisk helps them out by responding quickly.
When an asterisk systm is attacked by applying random passwords, it would be good to be able to slow the attacker down by specifying a high number oof milliseconds to respond to a wrong password or username.
This would at least slow it down and eventually they would go away.
No one with a valid password would be affected and it should be easy to do.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the asterisk-bugs
mailing list