Hi Klaus,<br><br>Thanks a lot. Really, I have been trying to find a lot of papers regarding this, but nothing better than this.<br>I don't even know why google didn't direct me to this draft.<br><br>Anyway, once again, thanks a lot...<br>
<br>Fadil<br><br><div class="gmail_quote">On Feb 18, 2008 6:29 AM, Klaus Darilion <<a href="mailto:klaus.mailinglists@pernau.at">klaus.mailinglists@pernau.at</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
FYI: I think the question is related to<br><a href="http://tools.ietf.org/html/draft-jennings-sip-hashcash-06" target="_blank">http://tools.ietf.org/html/draft-jennings-sip-hashcash-06</a><br><br>klau<br><br>Tzafrir Cohen schrieb:<br>
<div class="Ih2E3d">> On Sat, Feb 16, 2008 at 11:37:46PM -0500, Fadil Sutomo wrote:<br>>> Hi All,<br>>><br>>> I am interested in developing a client-puzzle mechanism in SIP protocol so<br>>> that any client wants to send an INVITE message to asterisk should solve a<br>
>> cryptographic puzzle first. So, anyone of you can give me pointers regarding<br>>> this?<br>>><br>>> I am thinking about using openSSL api for the crypto in this mechanism, and<br>>> I am not planning to support the clients. I just want to implement this<br>
>> mechanism in Asterisk and test it in mitigating DoS attacks..<br>><br>> But what if the client just sends a host of junk requests? This does not<br>> take any calculation. How can Asterisk know a request is junk with doing<br>
> very little calculation?<br>><br>> If we can relate several junk requests to the same IP or so: then we can<br>> can throttle requests by IP or whatever. But Asterisk already supports<br>> this, I believe.<br>
><br><br></div><div><div></div><div class="Wj3C7c">_______________________________________________<br>--Bandwidth and Colocation Provided by <a href="http://www.api-digital.com--" target="_blank">http://www.api-digital.com--</a><br>
<br>asterisk-dev mailing list<br>To UNSUBSCRIBE or update options visit:<br> <a href="http://lists.digium.com/mailman/listinfo/asterisk-dev" target="_blank">http://lists.digium.com/mailman/listinfo/asterisk-dev</a><br></div>
</div></blockquote></div><br>