El 16/06/11 12:44, Henning Westerholt escribió:
Hi Anto,
having different systems is one solution, you could also just use internally
in one server different traffic classes for the user sets you have.
You should also look into the htable module for account/ password brute force
detection. If you want to implement something w/r to the origination country
of certain traffic, there is the geoip module which can provide you this
informations, wich you could also combine with the modules already discussed.
With regards to user accounts, one thing you probably want to look at is
password security and fraud or misuse detection logic. Smart attackers will
find ways around your proactive measures, and you need to respond actively,
like blocking users after you detected something malicious.
Best regards,
Henning
Hi
There were planning to use the module htable and pike to prevent
attacks. The biggest question I have is: if I have an account and
simultaneously make a call would be nice, but I have another account to
send multiple simultaneous calls, the pike module might detect this as
"aggressive" and detect a false positive, if configured a level for the
first, nor is it viable proxy depending on several channels. Could be
allocated in usr_preference in number of channels, but you might not
know ... I can not think how.
Another option is to store a variable login attempts and block the
account X minutes. Thank you very much.
Regards
Anto
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
