Inviteflood is a tool to perform SIP/SDP INVITE message flooding over UDP/IP. This tool can be utilized to flood a target with INVITE Request Messages.
As long the tool continues flooding the PBX it will prevent clients from making telephone calls.
Considering how simple this DDoS attack is to execute and how successful it is against VoIP frameworks, it is an attack for which each administrator to have an emergency course of action.
- Run only applications required to provide and maintain VoIP services.
- Audit administrative and user sessions and service-related activities.
- Install and maintain server firewall, antimalware, and antitampering measures to deter DoS attacks.
- Require strong authentication for administrative and user account access.
- Maintain patch currency for an operating system and VoIP applications.