Handle DoS attack and OpenSER Pike module

2008-10-16
2013-05-09
  • Hi,

    I need to bother about crazy client by considering “Flood” detection technique. I can do it by using OpenSER Pike module which helps to keep trace of all (or selected ones) incoming request's IP source and blocks the ones that exceeded some limit.

    In my case: If the number of SIP messages from a single IP address to my SIP Proxy exceeds 100 per minute. Recommended action: Block IP for 12 hours.

    I tried with the pike module but I’m little bit confused with sampling, density, and timeout value.

    Please help me with example configuration by considering my point.

    Thanks,
    ARIF

     
    • replied on the "Open Discussions" forum.