Comments on SIPVicious: How to crash SIPVicious - introducing svcrash.py

A big thanks for svcrash - worked a treat today af...

2010-11-29T12:05:48.412-08:00

A big thanks for svcrash - worked a treat today after the useless cretins at softlayer have done nothing (three emails, a tweet, a phonecall and three days later).

@Klaus: yes, and I answered that question here: ht...

2010-06-24T06:11:43.143-07:00

@Klaus: yes, and I answered that question here:
http://code.google.com/p/sipvicious/wiki/SvcrashFrequentlyAskedQuestions#Won%27t_the_attackers_catch_up_and_fix_the_bug?

From the faq:
"""
The logic: flooding VoIP providers doesn't do anyone good (granted that the attackers want free phone calls). Therefore the timeout added in SIPVicious version 0.2.5 is actually beneficial for both the victims and the attackers.
"""

New version has the bug fixed.

Oh, and as I explain the FAQ, I don't expect this to be a solution. It helps mitigate but not solve the problem of bandwidth saturation.

Contact me if you think the FAQ doesn't cover all these issues ;-)

Don't you think that attackers can edit python...

2010-06-24T05:53:40.090-07:00

Don't you think that attackers can edit python code to remove the timeout and handle the exception?

Freeswitch log - that would be great. Make sure th...

2010-06-22T23:17:40.627-07:00

Freeswitch log - that would be great. Make sure that you get the source port and ideally, the user-agent or some other indication. Right now I think the best solution is the scapy / sniffing solution

Love the update, I'm going try and convince on...

2010-06-22T17:27:54.267-07:00

Love the update, I'm going try and convince one of our programmers to add in Freeswitch log checking.

Assuming it isn't already in there.