Gordon Henderson wrote: > On Thu, 28 Oct 2010, Norbert Zawodsky wrote: > >> Am 28.10.2010 12:14, schrieb Per Jessen: >>> Ishfaq Malik wrote: >>> >>>> On Thu, 2010-10-28 at 09:41 +0200, Per Jessen wrote: >>>>> Over the last two weeks, we have had at least two "incidents" >>>>> where our asterisk server got flooded (a hundred or more per >>>>> second) by SIP >>>>> packets. Once from 114.31.50.10, second time from >>>>> 173.212.200.146. We became aware of the problem when bandwidth >>>>> started suffering because asterisk got very busy sending back >>>>> replies or rejects (dunno which, I didn't investigate it any >>>>> further). The immediate issues were dealt with by having the >>>>> firewall drop those packets, but I was wondering: >>>>> >>>>> 1) if anyone has seen the same problem, and > > This is not new - just Read The Fine Archives. Been going on for > years. You're not the first, not the last.
Well, to me it only started 3 days ago. Point taken though, I should have googled first. My main issue was not the brute force attempt in itself, but the increased latency it caused. /Per Jessen, Zürich -- http://www.spamchek.com/ - your spam is our business. -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users