17 Sep
2012
17 Sep
'12
2:42 p.m.
Instead of using /exit/, which causes the /User Agent: friendly-scanner/
to keep sending packets waiting for a reply, I use /sl_send_reply("200",
"OK"); exit;/ the reason for this is that the friendly-scanner seems to
stop after it finally receives a 200 OK thinking it got a valid
registration back, it usually immediately stops scanning and any
saturation on our links drops way back down.
On 17/09/2012 6:25 AM, Klaus Darilion wrote:
On 17.09.2012 09:08, Vijay Thakur wrote:
All Experts,
I want to change my SIP port from 5060 for other one. Before making any
change in my live server (Kamailio 3.2.1, i want to be sure.
Kindly suggest me that where should i make changes to implement it. This
is a security measure for kamailio from port scanning.
This is just "security by obscurity" and of course your SIP proxy
configuration must be secure to handle such scanning attacks.
Nevertheless these scans are annoying and using a non-default port is
a good practice. You can change the port easily with the "listen"
directive, see http://www.kamailio.org/wiki/cookbooks/3.3.x/core#listen
Further, this snippet at the beginning of your config may help too:
# ignore requests generated by sipvicious
# User-Agent: friendly-scanner
if ($ua == "friendly-scanner") {
exit;
}
regards
Klaus
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users