Summary:ASTERISK-04946: [request] [post 1.2] too many manager connections make asterisk unusable
Reporter:Jon Hood (squinky86)Labels:
Date Opened:2005-08-31 13:47:53Date Closed:2005-09-06 18:02:42
Versions:Frequency of
Description:It's too easy to flood the asterisk manager with too many connections. A connection limit (max_connections) should be available in manager.conf. To take down any public asterisk server with an open manager interface, simply run:

$ while [ 1 ]; do telnet <asteriskboxip> 5038 > /dev/null & echo -n "." ; done

Within a few seconds, asterisk will become unusable.

The only workarounds are to disable the asterisk manager or make sure it is not accessible to an untrusted network.
Comments:By: Michael Jerris (mikej) 2005-08-31 13:50:42

I suggest you place a bounty to get this done.  In practice the suggested way to use manager is through some sort of proxy if you will have a lot of connections.

By: Olle Johansson (oej) 2005-08-31 13:51:52

A better solution would be using the manager proxy for distributing information. With that, we could have one secure (tunneled) connection that proxies out to many on another system.

By: Michael Jerris (mikej) 2005-09-06 18:02:40

Closing request due to no response.  I recommend that you move this request to the bounty form on the wiki, or contract the work out if you are unable to resolve it yourself.  Using a manager proxy is still the recomended way to resolve this issue.