[OpenSIPS-Users] How to protect OpenSIPS from undesidered requests (DoS attack?)
alexandre Moutot
a.moutot at alphalink.fr
Wed Mar 6 10:27:47 CET 2013
Hello,
Maybe you should use fail2ban : http://www.opensips.org/Resources/DocsTutFail2ban
Regards,
MOUTOT Alexandre
a.moutot at alphalink.fr
----- Original Message -----
> From: "leo" <uzcudunl at yahoo.it>
> To: users at lists.opensips.org
> Sent: Wednesday, March 6, 2013 10:10:35 AM
> Subject: [OpenSIPS-Users] How to protect OpenSIPS from undesidered requests (DoS attack?)
> Hello:
>
> I'm receiving on my OpenSIPS server a lot of register request. I
> believe
> that is someone trying to attack the sip service because the source IP
> is
> not one that i know. Here is the request:
>
> 10:03:54.191249 00:08:e3:20:fb:b6 > 00:0c:29:fc:95:e1, ethertype IPv4
> (0x0800), length 384: (tos 0x0, ttl 52, id 0, offset 0, flags [DF],
> proto
> UDP (17), length 370)
> 199.217.115.214.5981 > X.X.X.X.5060: [udp sum ok] SIP, length: 342
> REGISTER sip:X.X.X.X SIP/2.0
> Via: SIP/2.0/UDP 199.217.115.214:5981;branch=z9hG4bK-2684304106;rport
> Content-Length: 0
> From: "5988" <sip:5988 at X.X.X.X>
> Accept: application/sdp
> User-Agent: friendly-scanner
> To: "5988" <sip:5988 at X.X.X.X>
> Contact: sip:123 at 1.1.1.1
> CSeq: 1 REGISTER
> Call-ID: 3943182463
> Max-Forwards: 70
>
> How could i prevent this kind of requests?
> Thanks a lot.
>
> Leo.
>
>
>
> --
> View this message in context:
> http://opensips-open-sip-server.1449251.n2.nabble.com/How-to-protect-OpenSIPS-from-undesidered-requests-DoS-attack-tp7585091.html
> Sent from the OpenSIPS - Users mailing list archive at Nabble.com.
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
More information about the Users
mailing list