[asterisk-dev] Rate limiting traffic to address potential DoS
issues?
Kevin P. Fleming
kpfleming at digium.com
Fri Oct 6 13:46:58 MST 2006
----- John Lange <j.lange at epic.ca> wrote:
> As mentioned, this makes it trivial to DOS accounts and I would urge
> you
> to rule out the syn-cookie approach first before implementing rate
> limiting on accounts.
This will not be account-based, nor IP-based. There appear to be some relatively simple changes we can make to both make the response process to bogus signaling less costly, and also to stop responding to bogus signaling when the volume gets too high (regardless of its source). Stay tuned :-)
--
Kevin P. Fleming
Senior Software Engineer
Digium, Inc.
More information about the asterisk-dev
mailing list