lance@YSL, posted August 7, 2007:

Hi,

Just trying to establish some further specifics on how PBXnSIP controls DoS (denial of service). I.e. what are the criteria at which PBXnSIP assumes a DoS attack and starts limiting connections to compensate...

I have found the http_rate setting in the global conf xml, but we need further understanding of this feature: 1) to know what will trigger it and 2) to see how to set it realistically in a higher than normal call environment.

Cheers
Lance

Vodia PBX, posted August 7, 2007:

The http_rate is a setting that protects the web server. It simply says how many HTTP connections are accepted per second. The default is 5. Usually the web browsers re-use one connection, so that 5 per second should be a reasonable value. If you want to use SOAP and open a new connection for every request, you might need to change that value.

There is another setting called "max_udp_invite". This setting limits the number of new INVITE requests coming in over UDP, which effectively represent call attempts. The default value is 10, limiting the number of new calls per second to 10.

INVITEs over TCP or TLS are handled differently. Because the PBX needs to accept a connection, we have a TCP attack problem anyway. The PBX simply waits 500 ms after every TCP connection. That might lead to a waiting line for fresh registrations, but for registrations waiting a few seconds is usually no problem. Then the number of SIP DoS attacks over TCP/TLS is not as severe as over UDP.
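
One way to approach the sizing question in this thread, as an added example that is not part of the original posts and is not PBXnSIP code: count new UDP INVITEs per one-second bucket in your own traffic and compare the peak with max_udp_invite. The log line format, the function names and the rule "an INVITE without a To tag is a new call attempt" are assumptions of this example; the thread does not say how the PBX counts or what it does with requests above the limit.

```python
from collections import Counter

def build_sample_log():
    """Constructed sample lines: '<epoch seconds> <transport> <method> <To-tag or ->'."""
    lines = [f"{1000 + i * 0.25:.2f} UDP INVITE -" for i in range(8)]  # steady 4 calls/s
    lines += [f"1002.{i:02d} UDP INVITE -" for i in range(14)]         # burst of 14 in one second
    lines += ["1002.50 UDP INVITE tag-a1",   # re-INVITE inside an existing call
              "1002.60 TCP INVITE -",        # TCP is handled separately by the PBX
              "1002.70 UDP REGISTER -",      # not a call attempt
              "truncated line"]              # malformed input
    return "\n".join(lines)

def new_udp_invites_per_second(log_text):
    """Count new (no To tag) INVITEs received over UDP in each one-second bucket."""
    counts = Counter()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip lines that do not match the assumed format
        ts, transport, method, to_tag = parts
        try:
            second = int(float(ts))
        except ValueError:
            continue
        if transport.upper() == "UDP" and method == "INVITE" and to_tag == "-":
            counts[second] += 1
    return counts

def assess(counts, limit):
    """Return (peak per-second rate, seconds above the limit, attempts above the limit)."""
    peak = max(counts.values(), default=0)
    over = {s: n - limit for s, n in counts.items() if n > limit}
    return peak, sorted(over), sum(over.values())

if __name__ == "__main__":
    counts = new_udp_invites_per_second(build_sample_log())
    for limit in (10, 15):  # 10 is the default max_udp_invite named in the thread
        peak, seconds, excess = assess(counts, limit)
        print(f"limit={limit}: peak={peak}/s, seconds over limit={seconds}, excess={excess}")
```

If legitimate peaks sit above the configured value, the limit is too low for that site; if they sit well below it, the gap is the extra call-attempt rate the PBX will still accept during a flood.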