Instead of using exit, which
causes the User Agent: friendly-scanner to keep sending
packets waiting for a reply, I use sl_send_reply("200", "OK");
exit; the reason for this is that the friendly-scanner seems
to stop after it finally receives a 200 OK thinking it got a valid
registration back, it usually immediately stops scanning and any
saturation on our links drops way back down.
On 17/09/2012 6:25 AM, Klaus Darilion wrote:
On
17.09.2012 09:08, Vijay Thakur wrote:
All Experts,
I want to change my SIP port from 5060 for other one. Before
making any
change in my live server (Kamailio 3.2.1, i want to be sure.
Kindly suggest me that where should i make changes to implement
it. This
is a security measure for kamailio from port scanning.
This is just "security by obscurity" and of course your SIP proxy
configuration must be secure to handle such scanning attacks.
Nevertheless these scans are annoying and using a non-default port
is a good practice. You can change the port easily with the
"listen" directive, see
http://www.kamailio.org/wiki/cookbooks/3.3.x/core#listen
Further, this snippet at the beginning of your config may help
too:
# ignore requests generated by sipvicious
# User-Agent: friendly-scanner
if ($ua == "friendly-scanner") {
exit;
}
regards
Klaus
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing
list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users