[VOIPSEC] VoIP bots for SPIT available for research

dan_york at Mitel.com dan_york at Mitel.com
Mon May 7 10:19:00 CDT 2007 

Radu,

You'll see over on the Voice of VOIPSA weblog that I wrote a post about 
your program:
 
 
http://voipsa.org/blog/2007/05/07/ready-or-not-here-come-the-irc-controlled-sipvoip-attack-bots/

I did try out your code on my home office test network and it did 
definitely work as advertised.  Rather interesting from a technical 
perspective.  Rather frightening if you think about having hundreds or 
thousands of these things executing a DDoS against your SIP servers. 

You'll note that in my article I wrote about potential solutions (and 
requested comments)...   and did encourage people to take a look at your 
code and try it out.  Given the traffic that the VOIPSA blog gets (and 
it's inclusion in the Security Bloggers Network), I imagine you'll see 
some traffic coming your way over the next few days.

I think I can speak for others involved with VOIPSA in saying that we knew 
such automation of attacks was only a matter of time, given the tools out 
there.  I also think all of us would prefer botnets capable of attacking 
VoIP be something farther out... and maybe they will be.... 

In any event, it certainly highlights the fact that we as an industry need 
to sort out SIP security issues (something I posted on last week at 
http://voipsa.org/blog/2007/05/03/sipit-20-shows-the-very-clear-need-for-sip-security-interoperability/ 
)

Regards<
Dan





"Radu State" <state at loria.fr>
Sent by: voipsec-bounces at voipsa.org
05/03/2007 11:01 AM
 
        To:     <voipsec at voipsa.org>
        cc: 
        Subject:        [VOIPSEC] VoIP bots for SPIT available for 
research


As some on this mailing list are working as we do on defensive solutions 
for
VoIP, we have released a VoIP bot to be used only for research activities
related to SPIT/DOS/Authentication attacks  prevention in VoIP

 

The bot uses IRC/server as a command and control infrastructure.

 

 

It can perform SPIT/DOS/CRACK/SCAN /REGISTER against a proxy server.

We are not responsible for any usage which is not purely academic 
research.

 

 

You can download the code/documentation from the following links: 

 

 

the documentation :
     <http://www.loria.fr/~nassar/readme.html>
www.loria.fr/~nassar/readme.html 
and the code source : 
     <http://www.loria.fr/~nassar/javabot(code_source>
www.loria.fr/~nassar/javabot(code_source).zip
we can only provide the executable jar : 
     <http://www.loria.fr/~nassar/javabot.zip>
www.loria.fr/~nassar/javabot.zip

 

 

We will release an enhanced version in a short future. 

Radu State

 

 

_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

More information about the Voipsec mailing list