[Spce-user] Asterisk client issues
Jon Bonilla (Manwe)
jbonilla at sipwise.com
Fri Jul 19 10:12:44 EDT 2013
El Fri, 19 Jul 2013 16:11:22 +0200
Jon Bonilla (Manwe) <jbonilla at sipwise.com> escribió:
> El Fri, 19 Jul 2013 16:03:54 +0200
> Matthew Ogden <matthew at tenacit.net> escribió:
>
> > Thanks
> >
> > What will happen if I disable it, and a outside IP attacks using this
> > username?
> >
> > Will they be caught by flooding auth packets?
> >
>
>
> The auth_ban protection check failed auth attepmts from multiple destinations
> and protects against ddos attacks bypassing dos protection. These are quite
> uncommon. The dos protection bans ip addresses if they send more than x
> requests per second. This is more useful and it's the most common scenario.
>
> If an ip address tries to bruteforce attack your system, that ip address will
> be banned.
>
Anyways, we're discussing internally if the stale_nonce situation should be
excluded from the auth_check_ban protection for these situations. We might
change the ddos protection a little bit in future versions
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.sipwise.com/mailman/private/spce-user_lists.sipwise.com/attachments/20130719/cc594714/attachment.asc>
More information about the Spce-user
mailing list