[asterisk-users] app_hackblock to prevent SIP/IAX reg trolling

Danny Nicholas danny at debsinc.com
Fri Oct 2 16:01:14 CDT 2009


Unfortunately I don't really know since I use POTS for all of my external
traffic.  Maybe Tzafir or another guru can shed more light...

-----Original Message-----
From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of John A.
Sullivan III
Sent: Friday, October 02, 2009 3:51 PM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] app_hackblock to prevent SIP/IAX reg trolling

Is that what that does? I assumed that was like a protocol retry.  In
other words, if the registrar does not reply to the registry when it
submits its credentials, it will resubmit them registerattempts number
of times.  I did not think that prevented a registree from submitting
10,000 new sets of credentials.  But that was only my guess - John

On Fri, 2009-10-02 at 14:58 -0500, Danny Nicholas wrote:
> Sipregisterattempts would seem to be the simplest way to do this.  It is 0
> by default, changing it to 5 would stop the hacker after 5 tries.
> 
> -----Original Message-----
> From: asterisk-users-bounces at lists.digium.com
> [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Michelle
> Dupuis
> Sent: Friday, October 02, 2009 2:24 PM
> To: 'Asterisk Users List'
> Subject: Re: [asterisk-users] app_hackblock to prevent SIP/IAX reg
trolling
> 
> Good post.  One of the recommendations is to limit the number of calls per
> sip entity.  Is there an easy way to do that in sip.conf? 
> 
> -----Original Message-----
> From: asterisk-users-bounces at lists.digium.com
> [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of C F
> Sent: Friday, October 02, 2009 3:01 PM
> To: Asterisk Users List
> Subject: Re: [asterisk-users] app_hackblock to prevent SIP/IAX reg
trolling
> 
> Couple of old posts:
> http://lists.digium.com/pipermail/asterisk-users/2007-April/186195.html
> http://lists.digium.com/pipermail/asterisk-users/2009-March/229479.html
> http://lists.digium.com/pipermail/asterisk-users/2007-April/186456.html
> 
> 
> On Fri, Oct 2, 2009 at 2:42 PM, Michelle Dupuis <support at ocg.ca> wrote:
> > Has anyone written an app that monitors SIP/IAX registration attempts?  
> > A couple of clients are being flooded with SIP registrations (but the 
> > source IP changes every few hours so IPtables won't do)..
> >
> > I would think that any attempt to reg 5 times with a bad password 
> > should cause a 5 minute timeout until reg is considered again.  Has 
> > anyone written such an app?  The name app_hackblock is my contribution 
> > to the project :)
> >
> > MD
> > _______________________________________________
> > -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> >
> > AstriCon 2009 - October 13 - 15 Phoenix, Arizona Register Now: 
> > http://www.astricon.net
> >
> > asterisk-users mailing list
> > To UNSUBSCRIBE or update options visit:
> >   http://lists.digium.com/mailman/listinfo/asterisk-users
> >
> 
> _______________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> 
> AstriCon 2009 - October 13 - 15 Phoenix, Arizona Register Now:
> http://www.astricon.net
> 
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
> 
> 
> _______________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> 
> AstriCon 2009 - October 13 - 15 Phoenix, Arizona
> Register Now: http://www.astricon.net
> 
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
> 
> 
> _______________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> 
> AstriCon 2009 - October 13 - 15 Phoenix, Arizona
> Register Now: http://www.astricon.net
> 
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
-- 
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan at opensourcedevel.com

http://www.spiritualoutreach.com
Making Christianity intelligible to secular society


_______________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

AstriCon 2009 - October 13 - 15 Phoenix, Arizona
Register Now: http://www.astricon.net

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users




More information about the asterisk-users mailing list