Protection from DoS attacks

Link copied to clipboard

As Denial-of-Service (DoS) attacks are fairly common in the VoIP world, service providers must take proactive measures to ensure that service is not affected. The PortaSIP DoS prevention feature utilizes the PortaSIP cluster protector – the built-in firewall – to block network traffic coming from specific IP addresses once too many requests in a row have been sent (beyond the reasonable amount that would be generated by a legitimate SIP phone, proxy or gateway). The management interface for the module is very easy to configure via the Configuration server web interface.

DoS protection configuration

You may configure what maximum number of SIP requests will be accepted from each IP address, or set a limit for INVITE/OPTIONS/REGISTER SIP requests, separately. SIP requests above that limit will be dropped and logged for future investigation.

DoS prevention functionality also covers CPE provisioning via HTTP and TFTP protocols and is enabled for every web server instance by default. On the Configuration server, the administrator configures the time interval and the maximum number of packets that can be sent from a particular UA during that interval. If the UA sends too many requests for provisioning, any packets above that limit will be dropped.

On this page