[VOIPSEC] Security collaborations
J. Oquendo
sil at infiltrated.net
Fri Feb 26 09:43:44 CST 2010
Hey all, unsure if I posted this idea to the list before, but I'll do so
again...
I've been thinking about putting together something similar to
Shadowserver's listing in regards to VoIP systems.
The idea is a simple one: Share information on VoIP based attackers.
Whether it's via scripts or submitted logs.
My concept is to use a program that detects VoIP toll fraud and brute
forcers and send the offenders IP addressing and all relevant
information to a source which others can use to block out attackers.
Now I know the nature of IP and I'm well aware of spoofing attacks
however, when it comes to VoIP attacks from what I've seen and analyzed,
there is almost always a definitive trend - I can discuss this off-list
- brute forcers and attackers are using. So it's difficult for someone
to spoof. Attacking a PBX from a compromised host is an altogether
different subject nevertheless, what is the interest in this?
Think of: Spamhaus meets Shadowserver meets an IPS system being distributed.
--
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA, SGFE, C|EH, CNDA, CHFI, OSCP
"It takes 20 years to build a reputation and five minutes to
ruin it. If you think about that, you'll do things
differently." - Warren Buffett
227C 5D35 7DCB 0893 95AA 4771 1DCE 1FD1 5CCD 6B5E
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E
More information about the Voipsec
mailing list