[asterisk-dev] Rate limiting traffic to address potential DoS issues?

[Andrew Kohlsmith]

On Saturday 07 October 2006 23:07, Rich Adamson wrote:
> Really had not thought to much about the source of the "improper/bogus"
> packets, but since I'm heavily involved with I/T security assessments,
> my comments were more oriented towards what might reduce the load on an
> asterisk box when a hacker (or otherwise tosses packets at asterisk.
> Wasn't thinking at all in terms of broken clients and such.

Wouldn't you have to keep track of "who"?  Or was the intention to simply stop 
responding to *all* SIP packets?  If so, that seems like an easy DoS...  
Easier than what we currently have.

-A.