[asterisk-users] SIP Blacklisting

Thu Oct 21 11:41:19 CDT 2010

On 21 Oct 2010, at 17:32, Jeff LaCoursiere wrote:
> I agree in principle - some cron job pulling the list by http would 
> certainly be simple.  But just to continue my thoughts to the brick wall, 
> I don't see a lookup adding "latency" to the call other than what should 
> be a very brief addition to the time taken for a call to be accepted. 

Yea that's what I was referring to. Say some evil people attacked the server, you could add a few second delay to someone's call setup. I know it's not a major problem but it might just be opening another attack vector.

> Once accepted you would just continue to accept the packets.  How about 
> something DNS based?  Load could potentially be distributed that way if a 
> number of people agreed to participate.  I'll mull this over a bit more.

DNS is a possibility. It would require an Asterisk module I guess. There's nothing saying we could publish the same data in multiple ways (store it in SQL somewhere and output files to HTTP and generated zone files for bind to pick up).

S