actually same thing happened to us a year ago (under asterisk 1.2) we solved the same day discovered by putting both:
allowguest=no alwaysauthreject = yes On Sun, Oct 3, 2010 at 7:17 PM, Barry Miller <[email protected]>wrote: > On Sun, Oct 03, 2010 at 02:19:35PM -0600, Greg Saunders wrote: > > Hello all. I was recently the victim of a SIP flood attack. I'm wondering > > what is the best method to prevent such things in the future. > > In sip.conf: > [general] > alwaysauthreject = yes > > The attacking program is probably svwar.py (part of SIPVicious). It > will give up as soon as it realizes it can't tell the difference > between attempting to register an invalid extension and a valid one > (with an arbitrary password). > > It's the default in 1.8, but the option goes back at least to 1.4. > > -- > Barry > > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > -- Abdullah
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
