[OpenSIPS-Users] Ghost calls 1001
David Villasmil
david.villasmil.work at gmail.com
Thu Apr 20 18:50:07 EDT 2017
I've always seen the invite, then my "auth required" and then they usually
never answer, but the keep trying invites with other destination numbers.
That's why you need to setup your fail2ban
On Thu, Apr 20, 2017 at 11:42 PM Nabeel <nabeelshikder at gmail.com> wrote:
> In a ghost call, there is no RTP -- only the INVITE. If you answer a ghost
> call, there will be no response. Usually, an IP scanner named 'SipVicious'
> directly sends the INVITE to your client, so your server may not come into
> play at all.
>
> On 20 Apr 2017 10:32 p.m., "Mundkowsky, Robert" <rmundkowsky at ets.org>
> wrote:
>
>> Do you mean a client is using SIP/RTP to make a call direct to backend
>> servers and bypassing the opensips proxy? Or somehow just using RTP without
>> SIP to bypass the opensips proxy?
>>
>>
>>
>>
>>
>> Robert
>>
>>
>>
>> *From:* Users [mailto:users-bounces at lists.opensips.org] *On Behalf Of *
>> Nabeel
>> *Sent:* Thursday, April 20, 2017 5:17 PM
>> *To:* OpenSIPS users mailling list <users at lists.opensips.org>
>> *Subject:* Re: [OpenSIPS-Users] Ghost calls 1001
>>
>>
>>
>> My understanding of ghost calls is that they go directly via the client
>> through a loophole in the IP range rather than through the SIP server
>> itself. In this case, server-based solutions don't seem likely to work?
>>
>>
>>
>> On 20 Apr 2017 10:08 p.m., "Mundkowsky, Robert" <rmundkowsky at ets.org>
>> wrote:
>>
>> User authentication at SIP level as well.
>>
>>
>>
>> Robert
>>
>>
>>
>> *From:* Users [mailto:users-bounces at lists.opensips.org] *On Behalf Of *Aqs
>> Younas
>> *Sent:* Thursday, April 20, 2017 4:55 PM
>> *To:* OpenSIPS users mailling list <users at lists.opensips.org>
>> *Subject:* Re: [OpenSIPS-Users] Ghost calls 1001
>>
>>
>>
>> iptables, fail2ban and ip authentication if your users have static ips.
>>
>>
>>
>> On 21 April 2017 at 01:46, Uzair Hassan <uzairhassan at shaw.ca> wrote:
>>
>> Hello all,
>>
>>
>>
>> I have setup a opensips 2.3 on a new server and I'm getting ghost calls
>> into my system. How do I stop these ghost call? The opensips server is
>> brand new. the install is clean and nothing has been touched after the
>> initial simple residential script setup. What can I do to defend myself
>> from these ghost calls.
>>
>> Thank you so much.
>>
>>
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>>
>>
>> ------------------------------
>>
>> This e-mail and any files transmitted with it may contain privileged or
>> confidential information. It is solely for use by the individual for whom
>> it is intended, even if addressed incorrectly. If you received this e-mail
>> in error, please notify the sender; do not disclose, copy, distribute, or
>> take any action in reliance on the contents of this information; and delete
>> it from your system. Any other use of this e-mail is prohibited.
>>
>>
>>
>> Thank you for your compliance.
>> ------------------------------
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>> ------------------------------
>>
>> This e-mail and any files transmitted with it may contain privileged or
>> confidential information. It is solely for use by the individual for whom
>> it is intended, even if addressed incorrectly. If you received this e-mail
>> in error, please notify the sender; do not disclose, copy, distribute, or
>> take any action in reliance on the contents of this information; and delete
>> it from your system. Any other use of this e-mail is prohibited.
>>
>> Thank you for your compliance.
>> ------------------------------
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20170420/ae71bddb/attachment-0001.html>
More information about the Users
mailing list