How to configure to block OpenSBC SIP INVITE DoS in SonicOS Enhanced.

Description

This article explains how to block OpenSBC SIP INVITE DoS.

Intrusion Prevention
Enable IPS in zones

Resolution

OpenSBC SIP INVITE DoS is an unspecified vulnerability in the OpenSBC which allows remote attackers to cause a denial of service via a SIP INVITE request.


Intrusion Prevention:

Go to Security Services ->Intusion Prevention and follow the following steps:

>> Step 1: Enable IPS check box at the top of the page.

>> Step 2: Enable "Prevent All" and "Detect All" for medium priority risks.

>> Step 3: Under IPS policies make the category as "VoIP Attacks" and make the priority as "Medium".
Image
>> Step 4: Click on the configuration button of "OpenSBC SIP INVITE DoS"

>> Step 5 : Enable prevention and detection for "OpenSBC SIP INVITE DoS"
Image
After enabling the prevention and detection the page will look like this.
Image
By default when you enable medium priority the prevention and detection block for OpenSBC SIP INVITE DoS will be enabled.

Enabling IPS in Zones:

Go to Network --> Zones and follow the following steps.

>> Step 1: Click on configure button in LAN zone and enable IPS check box.

>> Step 2: Click on configure button in WAN zone and enable IPS check box.
Image

Related Articles

  • How to block ICMP (Ping ) using Application control
    Read More
  • SonicWall GEN8 TZ and NSa Firewalls FAQ
    Read More
  • How to configure Link Aggregation
    Read More

Categories

Firewalls
SonicWall NSA Series
Firewalls
SonicWall SuperMassive 9000 Series
Firewalls
SonicWall SuperMassive E10000 Series
Firewalls
TZ Series
not finding your answers?
Ask the Community