[asterisk-users] SIP registration DoS but no logs in messages
Patrick
asterisk-users at ict-synergy.be
Thu Mar 17 00:37:54 CDT 2011
Dear mailing list,
I've a Asterisk 1.4.21.2~dfsg-3+lenny1 package installed on my debian
and I've a strange behavior.
After some days running normally, my asterisk is under heavy attack,
however, there is nothing logged in the console (logging from debug ->
error) or file (level from notice ->error)
I can see that there is also a peak on the network traffic.
My first guess is that I'm suffering from a SIP registration DoS, but,
as there is nothing logged about a "not matching peer" or "incorrect
password" logged to file, my fail2ban script is not blocking the
attacker.
I normally restarts Asterisk and logs are restarting to log attacks,
but, today, it's not working
FYI, I've checked and my loggers are not muted and the logging level
is at least "notice". I've also reloaded my loggers but no effect.
Do you already have experienced such situation ? Is there any known
issue with logging module stopping while Asterisk is DoS'ed ?
Best regards,
Patrick
More information about the asterisk-users
mailing list