Last Modified: Dec 10, 2018
See more info
Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3
12.0.0, 11.6.0 HF4
Opened: Sep 23, 2014
SIP DOS does not drop the packets after attack is detected but counts the stats for drop packets.
SIP DOS Attack packets will not be dropped.
SIP DOS attack is detected.
This fix causes the system to drop SIP DoS attack packets. This change also restricts SIP/DNS DoS detection only to UDP packets. SIP/DNS DoS attacks over TCP and SCTP are not detected.
Prior to this release, SIP/DNS DOS detection and mitigation was supported on TCP,UDP and SCTP protocol packets. With this release SIP/DNS DOS detection and mitigation is only for UDP protocol packets. SIP/DNS DOS attacks will not be detected for TCP and SCTP protocol packets.