[asterisk-users] Denial of Service Attack

Dan Journo dan at keshercommunications.com
Sun Mar 7 12:42:02 CST 2010 

Hi, 

If I set up two servers for load balancing and redundancy, how do I program the dial plan for internal calls? Bearing in mind that some internal users will be registered to server A, and some registered to server B?

Many thanks
Dan

-----Original Message-----
From: asterisk-users-bounces at lists.digium.com [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Dan Journo
Sent: 06 March 2010 20:16
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] Denial of Service Attack

That solution works fine for the polycom phones because you can set two sip servers.

However, what can I do for the incoming SIP calls from our voip provider?
We can only set one destination address for the calls.
Eg. user at sipserver1.ourcompany.com

Many thanks
Dan

-----Original Message-----
From: asterisk-users-bounces at lists.digium.com [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Tilghman Lesher
Sent: 05 March 2010 16:46
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] Denial of Service Attack

On Friday 05 March 2010 10:17:27 Dan Journo wrote:
> I currently have a dedicated server with a hosting provider for my voip and
> the provider is currently experiencing a DOS attack. I have been looking at
> purchasing a number of servers and creating my own VOIP setup with
> redundancy built in.
>
> However, how I can design the system to ensure services remain online in
> the event a DOS attack is launched?
>
> I use Polycom phones which can connect to two sip servers, so would I
> simply have to take down the affected SIP server so that all calls are
> routed through the backup server? Or is there a better way of doing things?

Best possible method would be to distribute your servers across many different
networks, such that a DOS against all of your servers is effectively a DOS on
the entire Internet.  Then it becomes an issue for your upstream provider(s).
Your upstream provider(s) would need to be involved in mitigating a DOS
attack, anyway.

-- 
Tilghman Lesher
Digium, Inc. | Senior Software Developer
twitter: Corydon76 | IRC: Corydon76-dig (Freenode)
Check us out at: www.digium.com & www.asterisk.org

-- 
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
               http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

-- 
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
               http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

More information about the asterisk-users mailing list