[asterisk-dev] GSoC: Implementing Networking Security Framework for DOS attacks
Smita
vsmita1 at gmail.com
Tue Mar 24 11:25:50 CDT 2009
Hello,
I wanted to know if this idea is viable. Any help in refining the idea
in the current context is highly appreciated!
Store DoS related information within specfic nodes. This could include
IPs or networks that are blacklisted, etc. When processing an incoming
packet, the origin IP is compared to the data stored. If a match is
found for the IP or the source network, the packet is discarded.
Alternatively, these information nodes could contain Packets Per
Second information for that IP/network. Any packet from this source
that exceeds this count is dropped.
Another variation could be the above concept being applied to session
layer (SIP packets) rather than IP layer.
What I refer to as nodes here, could be a data structure (e.g. like Judy Nodes).
References: http://astridevcon.pbwiki.com/Network-Security-Framework
Please comment.
Thanks,
Smita
More information about the asterisk-dev
mailing list