[asterisk-security] Asterisk and DoS attack: What has been done so far?
Abu 'Ubayd Fadil
fsutomo at gmail.com
Wed Jan 30 07:05:25 CST 2008
That's a good point. Now I am really confused, though.
If someone is flooding 100,000 INVITE packets to Asterisk, then what should
we do? Because we know, filtering the packets would only increase the
workload..
Help please, as I am not that experienced as you guys are..
Fadil
On Jan 30, 2008 7:24 AM, Kevin P. Fleming <kpfleming at digium.com> wrote:
> Abu 'Ubayd Fadil wrote:
>
> > What I am thinking right now is to use some kind of authentication,
> > perhaps using OpenSSL, so that Asterisk can filter which packet to
> > process, and which one to dump.
> >
> > Any comments, suggestions, critics? What do you guys think?
>
> All that will accomplish is to make the problem worse. The DoS is not
> usually making Asterisk do too much *real work*, it's just sending it
> large volumes of traffic it must ignore. Adding complexity to figure out
> which traffic to ignore and which to process will just increase the
> workload.
>
> The larger issue though is that 'adding authentication ... using
> OpenSSL' is all well and good if all your endpoints support it. If they
> don't, you have to continue to use the existing mechanisms for
> communication.
>
> --
> Kevin P. Fleming
> Director of Software Technologies
> Digium, Inc. - "The Genuine Asterisk Experience" (TM)
>
> _______________________________________________
> --Bandwidth and Colocation Provided by http://www.api-digital.com--
>
> asterisk-security mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-security
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-security/attachments/20080130/17e8e6fc/attachment-0001.htm
More information about the asterisk-security
mailing list