[Kamailio-Users] htable dictionary attack example
Klaus Darilion
klaus.mailinglists at pernau.at
Thu Jan 22 09:46:39 CET 2009
Elena-Ramona Modroiu schrieb:
> Hi,
>
> Juha Heinanen wrote:
>> htable module README has a dictionary attack limitation example. i'm
>> afraid to "try it at home", because it seems to me that it in turn opens
>> up a dos attack possibility: exhausting proxy shared memory by
>> generating requests with random $au values.
>>
>> in order to avoid that, the script should include check if $au exists
>> before adding it to dictionary. on am i missing something?
>>
> yes, it should be done when return code of www_authorize is -2 (wrong
> password):
> http://kamailio.org/docs/modules/devel/auth_db.html#id2467588
Hi Ramona!
Could you please improve the example snippet in htable README? thanks
klaus
More information about the Users
mailing list