Most people search for
Switches Routers Servers Storage Data Center Energy Cloud Computing
Search history

FAQ-eSpace U1960 stop handling register request from IP Phone because message overflow

Publication Date: 2019-06-19 | Views: 584 | Downloads: 0 | Author: SU1001299054 | Document ID: EKB1000084070

Contents

Issue Description Solution

Issue Description

a customer from one country, feedback one issue that their IP Phone will lost registration sometimes, and registration will restore after some seconds.

we request the U1960 logs and make an analysis. we found customer's network is not safe, and our U1960 was attacked by some device in public network, and caused our U1960 message overflow.

U1960 message overflow:(U1960 will receive 188 times register request at the worst situation)

[100][0x00000015][2015-08-03 15:19:43.62][sipmain.c 10397]Occur Sip REGISTER message limit flux!! Flux (178/s)
[109][0x00000015][2015-08-03 15:19:43.62][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.62][sipmain.c 10397]Occur Sip REGISTER message limit flux!! Flux (179/s)
[109][0x00000015][2015-08-03 15:19:43.62][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.62][sipmain.c 10397]Occur Sip REGISTER message limit flux!! Flux (180/s)
[109][0x00000015][2015-08-03 15:19:43.62][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.63][sipmain.c 10397]Occur Sip REGISTER message limit flux!! Flux (181/s)
[109][0x00000015][2015-08-03 15:19:43.63][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.63][sipmain.c 10397]Occur Sip REGISTER message limit flux!! Flux (182/s)
[109][0x00000015][2015-08-03 15:19:43.63][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.64][sipmain.c 10397]Occur Sip REGISTER message limit flux!! Flux (183/s)
[109][0x00000015][2015-08-03 15:19:43.64][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.64][sipmain.c 10397]Occur Sip REGISTER message limit flux!! Flux (184/s)
[109][0x00000015][2015-08-03 15:19:43.64][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.65][sipmain.c 10397]Occur Sip REGISTER message limit flux!! Flux (185/s)
[109][0x00000015][2015-08-03 15:19:43.65][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.65][sipmain.c 10397]Occur Sip REGISTER message limit flux!! Flux (186/s)
[109][0x00000015][2015-08-03 15:19:43.65][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.66][sipmain.c 10397]Occur Sip REGISTER message limit flux!! Flux (187/s)
[109][0x00000015][2015-08-03 15:19:43.66][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.66][sipmain.c 10397]Occur Sip REGISTER message limit flux!! Flux (188/s)

and we found this register message come from public network, but customer's sip termianl located in subnet. so this is obvious that customer netwrok was attacked.

Solution

we feedback this analysis result to our customer. and suggest them to reinforce their network to avoid to be attacked again.

Comments and Reply

Feedback

FAQ-eSpace U1960 stop handling register request from IP Phone because message overflow

Issue Description

Solution

About Huawei

How to Buy

Partner

Resources

Others

Enterpise App

Enterprise

Corporate

Consumer

Carrier

Africa

Latin America

Middle East

Asia Pacific

North America

Europe

FAQ-eSpace U1960 stop handling register request from IP Phone because message overflow

Issue Description

Solution

About Huawei

How to Buy

Partner

Resources

Others

Enterpise App