|Summary:||ASTERISK-04946: [request] [post 1.2] too many manager connections make asterisk unusable|
|Reporter:||Jon Hood (squinky86)||Labels:|
|Date Opened:||2005-08-31 13:47:53||Date Closed:||2005-09-06 18:02:42|
|Description:||It's too easy to flood the asterisk manager with too many connections. A connection limit (max_connections) should be available in manager.conf. To take down any public asterisk server with an open manager interface, simply run:|
$ while [ 1 ]; do telnet <asteriskboxip> 5038 > /dev/null & echo -n "." ; done
Within a few seconds, asterisk will become unusable.
The only workarounds are to disable the asterisk manager or make sure it is not accessible to an untrusted network.
|Comments:||By: Michael Jerris (mikej) 2005-08-31 13:50:42|
I suggest you place a bounty to get this done. In practice the suggested way to use manager is through some sort of proxy if you will have a lot of connections.
By: Olle Johansson (oej) 2005-08-31 13:51:52
A better solution would be using the manager proxy for distributing information. With that, we could have one secure (tunneled) connection that proxies out to many on another system.
By: Michael Jerris (mikej) 2005-09-06 18:02:40
Closing request due to no response. I recommend that you move this request to the bounty form on the wiki, or contract the work out if you are unable to resolve it yourself. Using a manager proxy is still the recomended way to resolve this issue.