[Asterisk-Users] Recommendation for dialplan in case of DDoS
atta cks?
Mike Benoit
ipso at snappymail.ca
Mon Feb 28 13:28:17 MST 2005
On Mon, 2005-02-28 at 14:20 -0600, Kristian Kielhofner wrote:
> His suggestion was basically the same thing, only in mine you would dial
> an extension to "activate" DDOS mode instead of running the database put
> from the command line.
>
> How about monitoring your hosts with "iax2/sip show peers" and parsing
> that output with a cron job? The ping thing looks like it would be more
> of a problem than anything else.
>
> OR you could run Snort and have it "detect" the DDOS somehow... Not a
> snort expert, but it has to be doable.
>
> Are these inbound or outbound calls? (both?) I am pretty confused
> about all of this...
Isn't this what qualify=<latency> (ie: qualify=200) in your iax/sip.conf
files is for?
If the latency exceeds 200ms, Asterisk will automatically disable the
link, and you can easily use a fail-over method in your dialplan. I
think something like isChanAvail() might work for that.
>
> --
> Kristian Kielhofner
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
--
Mike Benoit <ipso at snappymail.ca>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.digium.com/pipermail/asterisk-users/attachments/20050228/51be32b3/attachment.pgp
More information about the asterisk-users
mailing list