[asterisk-users] sip dos question
adamk at 3a.hu
adamk at 3a.hu
Thu Jan 20 15:21:36 CST 2011
Hi Kyle,
On 01-20-2011 20:41, Kyle Kienapfel wrote:
> I understood that option worked the other way around so attacker
> thinks peer name is invalid even when they hit a real one.
>
sorry, it must be because i'm not a native english speaker but i don't
exactly get what you mean by the above.
to me it appears that attackers actually do know when they hit a valid
peer name. now i switched the alwaysauthreject to yes (was on default).
at the next attack i'll see if they now can determine if a peer name
is valid or not. i'm expecting: not from now on.
>> So i was wondering through the sip.conf and found 'alwaysauthreject' which
>> was set to default (commented out). I now set its value to yes (which i
>> thought was the default setting).
>>
>> Does this setting makes the attacker believe that the first try of sip peer
>> name was valid, but only the password was incorrect? So in this case should
>> they stick to the first name tried whatever it was?
>>
More information about the asterisk-users
mailing list