[Freeswitch-users] (no subject)
Stanislav Sinyagin
ssinyagin at gmail.com
Wed Oct 22 04:35:02 MSD 2014
(now on a normal keyboard)
Kamil,
when you use the "limit" application and increase the user's counter, it
keeps its value only within the context where it was originally called. If
you, for example, used pieces of the original (Vanilla) FreeSWITCH
configuration, there are bind_meta_app bindings which send the call into
another context ("features"). Once it's done, the user's limit counter is
lost, and you need to increment it again in the new context.
Also, why don't you implement daily and monthly minute limits and block the
user as soon as these limits are reached?
On Tue, Oct 21, 2014 at 9:21 PM, Stanislav Sinyagin <ssinyagin at gmail.com>
wrote:
> Limit resets as soon as the call leaves the context - could that be the
> reason?
> On Oct 21, 2014 8:44 PM, "Kamil Nigmatullin" <kamil.nigmatullin at gmail.com>
> wrote:
>
>> Dear all,
>>
>> Today we had an attack. One of our clients lost password to his SIP
>> account. So with this password attackers made calls on our client's behalf
>> to very expensive destinations.
>>
>> We have Opensips as a border controller and Freeswitch as a Softswitch.
>> This phone was confugured for 1 concurrent line using module limit of FS.
>> Howerver they somehow managed to make several concurrent calls per one
>> account. On CDR's we found that there was Attended transfer. Does anybody
>> knows what kind of attack was that and how I can protect us against this?
>> Is it sip refer attack when attacker set REFERED BY HEADER?
>>
>> When I check if limit works whith a sipphone, I see that it worked 100%.
>>
>> Thanks in advance
>>
>> --
>> Kamil Nigmatullin
>> Tel: 77272323748
>> mob: 7 (707) 2517003
>> Skype: kamil.nigmatullin
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>>
>>
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20141022/538b867d/attachment.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list