[OpenSIPS-Users] How to protect OpenSIPS from undesidered requests (DoS attack?)
leo
uzcudunl at yahoo.it
Wed Mar 6 10:10:35 CET 2013
Hello:
I'm receiving on my OpenSIPS server a lot of register request. I believe
that is someone trying to attack the sip service because the source IP is
not one that i know. Here is the request:
10:03:54.191249 00:08:e3:20:fb:b6 > 00:0c:29:fc:95:e1, ethertype IPv4
(0x0800), length 384: (tos 0x0, ttl 52, id 0, offset 0, flags [DF], proto
UDP (17), length 370)
199.217.115.214.5981 > X.X.X.X.5060: [udp sum ok] SIP, length: 342
REGISTER sip:X.X.X.X SIP/2.0
Via: SIP/2.0/UDP 199.217.115.214:5981;branch=z9hG4bK-2684304106;rport
Content-Length: 0
From: "5988" <sip:5988 at X.X.X.X>
Accept: application/sdp
User-Agent: friendly-scanner
To: "5988" <sip:5988 at X.X.X.X>
Contact: sip:123 at 1.1.1.1
CSeq: 1 REGISTER
Call-ID: 3943182463
Max-Forwards: 70
How could i prevent this kind of requests?
Thanks a lot.
Leo.
--
View this message in context: http://opensips-open-sip-server.1449251.n2.nabble.com/How-to-protect-OpenSIPS-from-undesidered-requests-DoS-attack-tp7585091.html
Sent from the OpenSIPS - Users mailing list archive at Nabble.com.
More information about the Users
mailing list