[asterisk-users] being bombarded with SIP packets

Zeeshan Zakaria zishanov at gmail.com
Thu Oct 28 11:39:57 CDT 2010


Two incidents in two weeks is not bad. I get 2-4 a day. There must be many
here with even more than that. You should start considering some safety
practices like disabling long distance and international calls by default,
putting a cap on long distance and international calls even for genuine users,
and, for those who don't want to have caps, getting their consent that they'll
not argue with you if their accounts are hacked. Probably do prepaid billing at
least for long distance and international calls.

Other than that, fail2ban is a must-have. You can find detailed installation
instructions on the voip-info.org website and also in my blogs at
ilovetovoip.com.

Regards,

Zeeshan A Zakaria

--
www.ilovetovoip.com
www.pbxforall.com (beta)

On 2010-10-28 3:48 AM, "Per Jessen" <per at computer.org> wrote:

Over the last two weeks, we have had at least two "incidents" where our
asterisk server got flooded (a hundred or more per second) by SIP
packets.  Once from 114.31.50.10, second time from 173.212.200.146.  We
became aware of the problem when bandwidth started suffering because
asterisk got very busy sending back replies or rejects (dunno which, I
didn't investigate it any further).
The immediate issues were dealt with by having the firewall drop those
packets, but I was wondering:

1) if anyone has seen the same problem, and
2) if you've got some iptables rules for limiting inbound SIP by rate?
(or some such).


thanks
Per Jessen, Zürich

--
http://www.spamchek.com/ - your spam is our business.
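
The log-driven blocking that fail2ban automates, sketched as an added example (not part of either post and not fail2ban's own code): count failed SIP registrations per source inside a sliding window and emit a drop rule once a threshold is reached. The log lines are constructed in the style of Asterisk's chan_sip notices, the `maxretry`/`findtime` names follow fail2ban's option names, and UDP port 5060 is assumed as the SIP port.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines; the addresses come from the documentation ranges,
# not from the thread.
SAMPLE_LOG = """\
[2010-10-28 03:48:01] NOTICE[2101] chan_sip.c: Registration from '"100" <sip:100@203.0.113.5>' failed for '198.51.100.7' - No matching peer found
[2010-10-28 03:48:01] NOTICE[2101] chan_sip.c: Registration from '"101" <sip:101@203.0.113.5>' failed for '198.51.100.7' - No matching peer found
[2010-10-28 03:48:02] NOTICE[2101] chan_sip.c: Registration from '"102" <sip:102@203.0.113.5>' failed for '198.51.100.7:5071' - Wrong password
[2010-10-28 03:48:30] NOTICE[2101] chan_sip.c: Registration from '"200" <sip:200@203.0.113.5>' failed for '192.0.2.44' - Wrong password
[2010-10-28 03:50:10] VERBOSE[2101] logger.c: -- Registered SIP '200' at 192.0.2.44 port 5060
[2010-10-28 03:55:30] NOTICE[2101] chan_sip.c: Registration from '"200" <sip:200@203.0.113.5>' failed for '192.0.2.44' - Wrong password
[2010-10-28 04:10:00] NOTICE[2101] chan_sip.c: Registration from '"200" <sip:200@203.0.113.5>' failed for '192.0.2.44' - Wrong password
"""

# Failed-registration notice; some Asterisk versions append ":port" to the address.
FAILED_REG = re.compile(
    r"^\[(?P<ts>[\d\- :]+)\] NOTICE\[\d+\] chan_sip\.c: Registration from '.*' "
    r"failed for '(?P<ip>[0-9.]+)(?::\d+)?' - .+$"
)

def find_offenders(log_text, maxretry=3, findtime=timedelta(seconds=60)):
    """Return {ip: time the threshold was reached} for every source with at
    least maxretry failed registrations inside one findtime window."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    offenders = {}
    for line in log_text.splitlines():
        m = FAILED_REG.match(line)
        if not m:
            continue              # successful registrations and other noise
        ip = m.group("ip")
        ts = datetime.strptime(m.group("ts"), "%Y-%m-%d %H:%M:%S")
        window = recent[ip]
        window.append(ts)
        while ts - window[0] > findtime:
            window.popleft()      # forget failures older than the window
        if len(window) >= maxretry and ip not in offenders:
            offenders[ip] = ts
    return offenders

def drop_rule(ip, port=5060):
    """iptables command that drops SIP traffic from one source (assumed UDP port)."""
    return f"iptables -I INPUT -s {ip} -p udp --dport {port} -j DROP"

if __name__ == "__main__":
    for ip, when in find_offenders(SAMPLE_LOG).items():
        print(f"{when}  {drop_rule(ip)}")
```

The source that fails three times in two seconds is flagged, while the one with three failures spread over twenty minutes is not, which is why the window length matters as much as the retry count.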

