Re: [Ekiga-list] DOS problem

From: Eugen Dedu <Eugen Dedu pu-pm univ-fcomte fr>
To: Ekiga mailing list <ekiga-list gnome org>
Subject: Re: [Ekiga-list] DOS problem
Date: Mon, 19 Oct 2009 20:15:41 +0200

bnc netspeed com au wrote:
> On Fri, 16 Oct 2009 10:18:48 +0200
> Eugen,
> see below.
>> Damien Sandras wrote:
>>> Le jeudi 15 octobre 2009 à 15:26 +1000, bnc netspeed com au a
>>> écrit :
>>>> Hi,
>>>> I have mentioned this problem before but I now have some more info.
>>>>
>>>> I have about 40 numbers in my contact list, when ekiga tries to
>>>> register it issues a dns subscribe request for every single phone
>>>> number really quickly and repeats this.
>>>> I have just rung my isp and they saw the requests coming in and
>>>> treat it as a DOS attack and block my phone for 30mins.
>>>> Hence the registration drops out, and the cycle starts again.
>>>>
>>>> In my case most of my contact list are normal phones not actual sip
>>>> addresses, it makes no sense to try to determine their status.
>>>>
>>>> So my ekiga 3.2.6 is unusable at present.
>>>>
>>>> Please advise if there is a way to turn this function off.
>>> There is no way currently.
>>> I do not know how to fix that without adding a new obscure setting
>>> to Ekiga.
>>>
>>> Perhaps using the address book would be more appropriate than the
>>> contact list for that specific case ?
>> The problem is not that ekiga does a DNS request for each contact
>> (even if a DNS cache could be implemented in opal to optimise this);
>> the problem is that it issues many DNS requests.  How does this
>> happen?
>>
>> Could that be a DNS configuration problem?  Reporter, could you check:
>> - how many DNS requests are sent with only one contact (one or many?)
> I removed all of my contacts except one.
> Fired up ekiga again and approx 8 dns messages got fired off. These
> were being repeated every 30secs or so.
> Went into accounts and unregistered, the dns messages stopped.
> 
> Waited 30mins because my isp told me that they block the port for that
> time.
> 
> Went into accounts and reregistered, same deal as above.
> 
>> (In *normal* gconf configuration, you could save your config  with "cp
>> -a .gconf/apps/ekiga .gconf/apps/ekiga-save", and restore it
>> afterwards)
> did not do this but I can soon put the numbers back.
> 
>> - with wireshark if your firsts DNS requests receive errors, so ekiga
>>
> Ok, I am familiar with wireshark, but have not done this yet. What
> would be the best ports to put it on?
> dns(53) or 5060?

Close network-using applications (such as icedove/thuderbird).  You
start wireshark, listen to your interface, start ekiga, wait for the
flood, stop listening in wireshark.  That's all.

> Am I supposed to put a dns server somewhere into ekiga?

No.  Could you just show us the content of /etc/resolv.conf?

-- 
Eugen

Follow-Ups:
- Re: [Ekiga-list] DOS problem
  - From: bnc

References:
- [Ekiga-list] ekiga 3.2.6 won't call
  - From: Javier Barroso
- Re: [Ekiga-list] ekiga 3.2.6 won't call
  - From: yannick
- Re: [Ekiga-list] ekiga 3.2.6 won't call
  - From: Damien Sandras
- Re: [Ekiga-list] ekiga 3.2.6 won't call
  - From: Javier Barroso
- Re: [Ekiga-list] ekiga 3.2.6 won't call
  - From: Javier Barroso
- [Ekiga-list] DOS problem
  - From: bnc
- Re: [Ekiga-list] DOS problem
  - From: Damien Sandras
- Re: [Ekiga-list] DOS problem
  - From: Eugen Dedu
- Re: [Ekiga-list] DOS problem
  - From: bnc

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]