Well,
About sipvicious, just put a kamailio in front of asterisk and just drop
all messages with user agents corrreponding to these messages.
Spivicious first send options messages, read the user agent and drop if
it's corresponding to one of the user agents well known to be used.
In Kamailio
On 01/06/11 16:13, Allen David Niven wrote:
what does ossec give u that fail2ban does not ?
thx and cheers
Replied to list so others can find this in the future if they want to.
I haven't spent a lot of time investigating fail2ban as I was already
using ossec before I saw much talk about fa
On Thu, 19 Aug 2010, Dana Harding wrote:
>
>> (I've just had 30GB of sipvicious traffic sent to my hosted servers in a
>> 12-hour period - it came from what looked like a VPS host in France -
>> trivially firewalled out, but even dropping the packets didn't stop the
>> flood! It's so badly written
> (I've just had 30GB of sipvicious traffic sent to my hosted servers in a
> 12-hour period - it came from what looked like a VPS host in France -
> trivially firewalled out, but even dropping the packets didn't stop the
> flood! It's so badly written it appears to just ignore any return codes
> t
On 18/08/10 17:10, Gordon Henderson wrote:
>
> ... using it as a tool and understanding what it does...
>
> So one part of it's toolset identifys valid SIP accounts - and I was under
> the impression that alwaysauthreject=yes was supposed to stop this...
>
> However, it sends a request for a highly
... using it as a tool and understanding what it does...
So one part of it's toolset identifys valid SIP accounts - and I was under
the impression that alwaysauthreject=yes was supposed to stop this...
However, it sends a request for a highly probably non-existent account,
then sends requests
