Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DSP-S in a PBX NS-700 was Overloaded 1

Status
Not open for further replies.
Nero990

Nero990

Technical User
Jul 21, 2021
8
DE
Hi, i recently had a case where a DSP-S in a PBX NS-700 was Overloaded for no ovious reason.
The office it was used in, was basically empty, so almost no calls and therefor no reason for a DSP
to be super busy. it was so busy that it wouldnt let me log in to the PBX. and of course there was no way to phone out or even internally.

the Solution that worked was to unplug it from network and then Update the Software to V 8.300 (it was 6.xxx)
but has anyone an idea what could have caused this issue?

Thanks for any kind of tips /advise in advance
 
Sort by date Sort by votes
It may have been an external SIP attack.
Are ports 5060 or 35060 open on the NAT?
 
Upvote 0 Downvote
@ Mike_K:
indeed port 5060 seems to be open because it is necessary for this SIP account. so you think it might have been an external DDOS attack at random ?
the weird thiung is, it seems it has stopped since we Updated the PBX software.
 
Upvote 0 Downvote
The firmware version 8.22 or later may have an SSAF feature.
 
Upvote 0 Downvote
Well i have Installed Firmware Version 8.300 but i didn't find any menu containing "SSAF" or SIP Address Filter but the "Attack" ended after the Update, so it might be enabled by default.
 
Upvote 0 Downvote
If your SIP provider provides you with a server IP, you should restrict port 5060 to their IP as your source IP on that port. This stops any other outside IP's from accessing the SIP trunk and attempting to crack the authentication.

Test before implementation though. Myself, I restrict 5060 and 35060 to the source IP of SIP providers, usually this is done in lieu of a SBC.
 
Upvote 0 Downvote
well i can not remember if there was an ip or dynamic adress from the SIP Provider, but i'd have to restrict the ports in the configuration of the router, which i dont administrate. or where would you set that restriction?
 
Upvote 0 Downvote
Restricting ports would be on the router side, so you'd have to get in touch with the IT company. It's possible your SIP provider requires a SBC, which is an added cost, but it's basically a firewall appliance designed for SIP. They're not exactly cheap, that being said.
 
Upvote 0 Downvote
Thanks for that piece of Information Tele-tech. it's greatly appreciated.
if necessary i'll get in touch with the IT-Consultant thats responsible for that network and tell him about the SBC.
but since the time i've updated the PBX it seems nothing has happened
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

itsthephoneman
  • Locked
  • Question
NS 700
Replies
2
Views
125
omonat
omonat
soshianet
  • Locked
  • Question
NS series Sales Company access
Replies
2
Views
354
kizo
kizo
Alex Shimmin
  • Locked
  • Question
NS-700 System Prompts
Replies
0
Views
118
Alex Shimmin
Alex Shimmin
T
  • Locked
  • Question
NS 500 call waiting to specific extension
Replies
2
Views
355
Ired
Ired
C
  • Locked
  • Question
PBX TDE-100 music on hold
Replies
12
Views
827
cheezyDoggy
C

Part and Inventory Search

Sponsor

Back
Top