Re: [Ekiga-list] DOS problem

Le samedi 17 octobre 2009 à 13:26 +1000, bnc netspeed com au a écrit :
On Fri, 16 Oct 2009 10:18:48 +0200
see below.
> Damien Sandras wrote:
> > Le jeudi 15 octobre 2009 à 15:26 +1000, bnc netspeed com au a
> > écrit :
> >> Hi,
> >> I have mentioned this problem before but I now have some more info.
> >>
> >> I have about 40 numbers in my contact list, when ekiga tries to
> >> register it issues a dns subscribe request for every single phone
> >> number really quickly and repeats this.
> >> I have just rung my isp and they saw the requests coming in and
> >> treat it as a DOS attack and block my phone for 30mins.
> >> Hence the registration drops out, and the cycle starts again.
> >>
> >> In my case most of my contact list are normal phones not actual sip
> >> addresses, it makes no sense to try to determine their status.
> >>
> >> So my ekiga 3.2.6 is unusable at present.
> >>
> >> Please advise if there is a way to turn this function off.
> > 
> > There is no way currently.
> > I do not know how to fix that without adding a new obscure setting
> > to Ekiga.
> > 
> > Perhaps using the address book would be more appropriate than the
> > contact list for that specific case ?
> The problem is not that ekiga does a DNS request for each contact
> (even if a DNS cache could be implemented in opal to optimise this);
> the problem is that it issues many DNS requests.  How does this
> happen?
> Could that be a DNS configuration problem?  Reporter, could you check:
> - how many DNS requests are sent with only one contact (one or many?)
I removed all of my contacts except one.
Fired up ekiga again and approx 8 dns messages got fired off. These
were being repeated every 30secs or so.
Went into accounts and unregistered, the dns messages stopped.

Waited 30mins because my isp told me that they block the port for that

Went into accounts and reregistered, same deal as above.

> (In *normal* gconf configuration, you could save your config  with "cp
> -a .gconf/apps/ekiga .gconf/apps/ekiga-save", and restore it
> afterwards)
did not do this but I can soon put the numbers back.

> - with wireshark if your firsts DNS requests receive errors, so ekiga
Ok, I am familiar with wireshark, but have not done this yet. What
would be the best ports to put it on?
dns(53) or 5060?

Am I supposed to put a dns server somewhere into ekiga?

Where you blacklisted because of DNS requests ?!
It does not make sense...

 _     Damien Sandras
//\    Ekiga Softphone :
v_/_   Be IP           :
       FOSDEM          :
       SIP Phone       : sip:dsandras ekiga net

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]