On Thu, 2008-01-17 at 15:47 +1300, Matt Riddell wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > You can't really block a DDoS attack - if you have 10Mbit of bandwidth > it takes 10Mbit of traffic to DDos you. If you have 100Mbit then it > will take 100Mbit. The only way to avoid it is to get someone upstream > with more bandwidth to block it.
no but iax makes it harder to do mitigation techniques. This is becasue media and signalling are on the same port. Why I was asking about that specifically. You cant rate limit packets very well since 10 calls from a given endpoint will look the same on an IP level as 1 call, just a larger volume, so if you do rate limit the audio quality, and potentially signalling information will be impaired. -- Trixter http://www.0xdecafbad.com Bret McDanel Belfast +44 28 9099 6461 US +1 516 687 5200 http://www.trxtel.com the phone company that pays you! _______________________________________________ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-biz mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-biz
