The invention refers to a method for preventing attacks on a network server (3) within a call-based-services-environment, preferably a VoIP-environment. The environment comprises a network (1), the network server (3) connected to the network (1), a number of user agents (2) connected to the network (1) and means (4) for restricting access to the network server (3) from the network (1). The call server (3) comprises an attack-detection device (8) for detecting and identifying attacks from the network (1) on the network server (3). In order to allow fast and reliable protection of the network server (3) against attacks it is suggested that

characteristic parameters of the attacks identified are entered into a black-list (6),
the content of the black-list (6) is transmitted via a feedback-path (7) to an attack-prevention-device (5) for controlling the access restricting means (4),
the attack-prevention-device (5) inspects and analyzes traffic directed from the network (1) to the network server (3) and controls the access restricting means (4) according to the content of the black-list (6) and according to the characteristic parameters of the traffic analyzed, and
the access restricting means (4) restrict access from the network (1) to the network server (3) according to control commands received from the attack-prevention-device (5).