Hello, Maybe you should use fail2ban : http://www.opensips.org/Resources/DocsTutFail2ban
Regards, MOUTOT Alexandre [email protected] ----- Original Message ----- > From: "leo" <[email protected]> > To: [email protected] > Sent: Wednesday, March 6, 2013 10:10:35 AM > Subject: [OpenSIPS-Users] How to protect OpenSIPS from undesidered requests > (DoS attack?) > Hello: > > I'm receiving on my OpenSIPS server a lot of register request. I > believe > that is someone trying to attack the sip service because the source IP > is > not one that i know. Here is the request: > > 10:03:54.191249 00:08:e3:20:fb:b6 > 00:0c:29:fc:95:e1, ethertype IPv4 > (0x0800), length 384: (tos 0x0, ttl 52, id 0, offset 0, flags [DF], > proto > UDP (17), length 370) > 199.217.115.214.5981 > X.X.X.X.5060: [udp sum ok] SIP, length: 342 > REGISTER sip:X.X.X.X SIP/2.0 > Via: SIP/2.0/UDP 199.217.115.214:5981;branch=z9hG4bK-2684304106;rport > Content-Length: 0 > From: "5988" <sip:[email protected]> > Accept: application/sdp > User-Agent: friendly-scanner > To: "5988" <sip:[email protected]> > Contact: sip:[email protected] > CSeq: 1 REGISTER > Call-ID: 3943182463 > Max-Forwards: 70 > > How could i prevent this kind of requests? > Thanks a lot. > > Leo. > > > > -- > View this message in context: > http://opensips-open-sip-server.1449251.n2.nabble.com/How-to-protect-OpenSIPS-from-undesidered-requests-DoS-attack-tp7585091.html > Sent from the OpenSIPS - Users mailing list archive at Nabble.com. > > _______________________________________________ > Users mailing list > [email protected] > http://lists.opensips.org/cgi-bin/mailman/listinfo/users _______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
