[Spce-user] Asterisk client issues

Jon Bonilla (Manwe) jbonilla at sipwise.com
Fri Jul 19 10:12:44 EDT 2013


El Fri, 19 Jul 2013 16:11:22 +0200
Jon Bonilla (Manwe) <jbonilla at sipwise.com> escribió:

> El Fri, 19 Jul 2013 16:03:54 +0200
> Matthew Ogden <matthew at tenacit.net> escribió:
> 
> > Thanks
> > 
> > What will happen if I disable it, and a outside IP attacks using this
> > username?
> > 
> > Will they be caught by flooding auth packets?
> > 
> 
> 
> The auth_ban protection check failed auth attepmts from multiple destinations
> and protects against ddos attacks bypassing dos protection. These are quite
> uncommon. The dos protection bans ip addresses if they send more than x
> requests per second. This is more useful and it's the most common scenario.
> 
> If an ip address tries to bruteforce attack your system, that ip address will
> be banned. 
> 


Anyways, we're discussing internally if the stale_nonce situation should be
excluded from the auth_check_ban protection for these situations. We might
change the ddos protection a little bit in future versions

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.sipwise.com/pipermail/spce-user_lists.sipwise.com/attachments/20130719/cc594714/attachment-0001.asc>


More information about the Spce-user mailing list