[Kamailio-Users] htable dictionary attack example
Elena-Ramona Modroiu
ramona at asipto.com
Thu Jan 22 12:32:30 CET 2009
Klaus Darilion wrote:
> Elena-Ramona Modroiu schrieb:
>
>> Hi,
>>
>> Juha Heinanen wrote:
>>
>>> htable module README has a dictionary attack limitation example. i'm
>>> afraid to "try it at home", because it seems to me that it in turn opens
>>> up a dos attack possibility: exhausting proxy shared memory by
>>> generating requests with random $au values.
>>>
>>> in order to avoid that, the script should include check if $au exists
>>> before adding it to dictionary. on am i missing something?
>>>
>>>
>> yes, it should be done when return code of www_authorize is -2 (wrong
>> password):
>> http://kamailio.org/docs/modules/devel/auth_db.html#id2467588
>>
>
> Hi Ramona!
>
> Could you please improve the example snippet in htable README? thanks
>
Hi Klaus,
yes, I have just committed an update.
Regards,
Ramona
More information about the sr-users
mailing list