[Kamailio-Users] How to handle DoS attack and OpenSER Pikemodule!
Arif-Uz-Zaman
arif.zaman at brotecs.com
Tue Oct 14 14:38:21 CEST 2008
Hello Daniel,
I've tested according to your suggessions but No Luck. I've configured to
block for 10 minutes and its working but not works for 2 hours. Please help
me with your comments.
Thanks,
ARIF
-----Original Message-----
From: users-bounces at lists.kamailio.org
[mailto:users-bounces at lists.kamailio.org] On Behalf Of Daniel-Constantin
Mierla
Sent: Tuesday, October 14, 2008 3:05 PM
To: Arif-Uz-Zaman
Cc: users at lists.kamailio.org
Subject: Re: [Kamailio-Users] How to handle DoS attack and OpenSER
Pikemodule!
Hello,
On 10/14/08 09:32, Arif-Uz-Zaman wrote:
> Hi all,
> I need to bother about crazy client by considering "Flood" detection
> technique. I can do it by using OpenSER Pike
> <http://kamailio.org/docs/modules/1.2.x/pike.html> module which helps
> to keep trace of all (or selected ones) incoming request's IP source
> and blocks the ones that exceeded some limit.
>
> In my case: If the number of SIP messages from a single IP address to
> my SIP Proxy exceeds *200* per minute. Recommended action: Block IP
> for 2 hours.
>
> I tried with the pike module but I'm little bit confused with
> sampling, density, and timeout value.
>
> Please help me with example configuration by considering my point.
>
have you tried:
modparam("pike", "sampling_time_unit", 60) modparam("pike",
"reqs_density_per_unit", 200) modparam("pike", "remove_latency", 7200)
Cheers,
Daniel
--
Daniel-Constantin Mierla
http://www.asipto.com
_______________________________________________
Users mailing list
Users at lists.kamailio.org
http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
More information about the Users
mailing list