[asterisk-dev] Follow up for Denial of Service on 1.2.13
Johansson Olle E
olle at voop.com
Fri Dec 1 09:30:24 MST 2006
1 dec 2006 kl. 16.08 skrev J. Oquendo:
> Asterisk was hosed pretty bad after Asteroid. I launched a BYE
> INVITE REGISTER and SUBSCRIBE DoS
> that somehow froze Asterisk from doing anything at all other than
> running in some paralyzed state:
>
Can you tell me more about an "Asteroid attack" ?
/O
> Take note, I control-c'd it after about 2 minutes. Ultimately I had
> to kill -9 the PID and start it back up.
>
> bash-3.2# asterisk -r
> Asterisk 1.2.13, Copyright (C) 1999 - 2006 Digium, Inc. and others.
> Created by Mark Spencer <markster at digium.com>
> Asterisk comes with ABSOLUTELY NO WARRANTY; type 'show warranty'
> for details.
> This is free software, with components licensed under the GNU
> General Public
> License version 2 and other licenses; you are welcome to
> redistribute it under
> certain conditions. Type 'show license' for details.
> ======================================================================
> ===
>
>
>
>
>
>
>
>
>
> ^C
> bash-3.2# gdb asterisk
> GNU gdb 5.3nb1
> Copyright 2002 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License,
> and you are
> welcome to change it and/or distribute copies of it under certain
> conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB. Type "show warranty" for
> details.
> This GDB was configured as "i386--netbsdelf"...(no debugging
> symbols found)...
> (gdb) run -r
> Starting program: /usr/pkg/sbin/asterisk -r
> (no debugging symbols found)...(no debugging symbols found)...
> (no debugging symbols found)...(no debugging symbols found)...
> (no debugging symbols found)...(no debugging symbols found)...
> (no debugging symbols found)...(no debugging symbols found)...
> Asterisk 1.2.13, Copyright (C) 1999 - 2006 Digium, Inc. and others.
> Created by Mark Spencer <markster at digium.com>
> Asterisk comes with ABSOLUTELY NO WARRANTY; type 'show warranty'
> for details.
> This is free software, with components licensed under the GNU
> General Public
> License version 2 and other licenses; you are welcome to
> redistribute it under
> certain conditions. Type 'show license' for details.
> ======================================================================
> ===
>
> ^C(no debugging symbols found)...
> Program received signal SIGINT, Interrupt.
> [Switching to LWP 1]
> 0xbd9dbf77 in read () from /usr/lib/libc.so.12
> (gdb) quit
> bash-3.2# asterisk -r
> Unable to connect to remote asterisk (does /var/run/asterisk.ctl
> exist?)
> bash-3.2# lsof|awk '/aster/{print $1,$9}'|uniq
> asterisk /
> asterisk /usr/sbin/asterisk
> asterisk /usr
> asterisk /lib/libz.so.0.4
> asterisk /usr/pkg/lib/asterisk/modules/pbx_dundi.so
> asterisk /usr/pkg/lib/asterisk/modules/pbx_spool.so
> asterisk /usr/pkg/lib/asterisk/modules/pbx_config.so
> asterisk /usr/pkg/lib/asterisk/modules/res_crypto.so
> asterisk /usr/pkg/lib/asterisk/modules/res_features.so
> asterisk /usr/pkg/lib/asterisk/modules/res_agi.so
> asterisk /usr/pkg/lib/asterisk/modules/res_adsi.so
> asterisk /usr/pkg/lib/asterisk/modules/res_monitor.so
> asterisk /usr/pkg/lib/asterisk/modules/res_indications.so
> asterisk /usr/pkg/lib/asterisk/modules/res_musiconhold.so
> asterisk /lib/libcrypt.so.0.2
> asterisk /lib/libc.so.12.128.2
> asterisk /usr/lib/libssl.so.3.0
> asterisk /lib/libcrypto.so.2.1
> asterisk /usr/lib/libpthread.so.0.6
> asterisk /lib/libm.so.0.2
> asterisk /lib/libm387.so.0.0
> asterisk /usr/lib/libcurses.so.6.1
> asterisk /libexec/ld.elf_so
> asterisk /dev/null
> asterisk /var/log/asterisk/messages
> asterisk /var/log/asterisk/event_log
> asterisk /var/log/asterisk/queue_log
> asterisk /usr/pkg/libdata/asterisk/astdb
> asterisk *:18968
> asterisk *:4520
> asterisk cnt=104,
> asterisk *:5060
> asterisk *:2727
> asterisk *:4569
> asterisk *:sieve
> asterisk /var
> asterisk *:18969
> asterisk *:18624
> asterisk *:18625
> asterisk *:14814
> asterisk *:14815
> asterisk *:19698
> asterisk *:19699
> asterisk *:15294
> asterisk *:15295
> asterisk *:11804
> asterisk *:11805
> asterisk *:16154
> asterisk *:16155
> asterisk *:17750
> asterisk *:17751
> asterisk *:16800
> asterisk *:16801
> asterisk *:19460
> asterisk *:19461
> asterisk *:16198
> asterisk *:16199
> asterisk *:15974
> asterisk *:15975
> asterisk *:16392
> asterisk *:16393
> asterisk *:15160
> asterisk *:15161
> asterisk *:12076
> asterisk *:12077
> asterisk *:19964
> asterisk *:19965
> asterisk *:18524
> asterisk *:18525
> asterisk *:10792
> asterisk *:10793
> asterisk *:amanda
> asterisk *:12772
> asterisk *:12773
> asterisk *:13830
> asterisk *:13831
> asterisk *:13576
> asterisk *:13577
> asterisk *:11050
> asterisk *:11051
>
> bash-3.2# kill -9 25042
> bash-3.2# asterisk
> bash-3.2# asterisk -r
> Asterisk 1.2.13, Copyright (C) 1999 - 2006 Digium, Inc. and others.
> Created by Mark Spencer <markster at digium.com>
> Asterisk comes with ABSOLUTELY NO WARRANTY; type 'show warranty'
> for details.
> This is free software, with components licensed under the GNU
> General Public
> License version 2 and other licenses; you are welcome to
> redistribute it under
> certain conditions. Type 'show license' for details.
> ======================================================================
> ===
> Connected to Asterisk 1.2.13 currently running on excalibur (pid =
> 28622)
> excalibur*CLI>
>
> --
> ====================================================
> J. Oquendo
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
> sil . infiltrated @ net http://www.infiltrated.net
> The happiness of society is the end of government.
> John Adams
>
> _______________________________________________
> --Bandwidth and Colocation provided by Easynews.com --
>
> asterisk-dev mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-dev
---
Olle E. Johansson * Asterisk Evangelist, developer * VOOP A/S
olle at voop.com
More information about the asterisk-dev
mailing list