Freddy, this is why firewalls are "invented" and applied. This is what they do at their best. The best "place" filter a DoS attack is at the IP level, not the application one. ----- Original Message ----- From: "Freddy Parra" <fparra@xxxxxxxxxx> To: <openh323gk-users@xxxxxxxxxxxxxxxxxxxxx> Sent: Monday, February 28, 2005 10:16 PM Subject: RE: Non-Responsive Jan, I will try to pin point the code as to where this is happening since I did get the core dump file for it. My concern now is as Michal pointed out that this can easily be exploited via DOS. The only thing someone would need is some form of generating calls like the call generator avail. to crash anyone's gatekeeper. I guess currently there is no other way to prevent this aside from creating firewall rules as Michal and Teodor stated or a patch solution like you described below. In the mean time, firewall rules seem to be the only fix. Most Linux distributions come with a default socket limit of 1024, which wouldn't take much calls to take someone's gatekeeper off line. Thanks. Freddy ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________________ List: Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 Homepage: http://www.gnugk.org/
