You'll of course be making the data pile available for anyone who wants to
analyse the trends?
signature.asc
Description: This is a digitally signed message part.
___
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz ma
On Tue, Mar 17, 2009 at 7:10 PM, JR Richardson wrote:
> Thank you for your great input. I have made contact with Project
> Honey Pot http://www.projecthoneypot.org/ and they are willing and
> able to help. I have been talking through some scenarios and would
I'm following this discussion with i
gt; To: asterisk-biz@lists.digium.com
> Subject: Re: [asterisk-biz] PBX Hacker IP List (Good News)
>
> Hi All,
>
> Thank you for your great input. I have made contact with Project
> Honey Pot http://www.projecthoneypot.org/ and they are willing and
> able to help. I have been talkin
Hi All,
Thank you for your great input. I have made contact with Project
Honey Pot http://www.projecthoneypot.org/ and they are willing and
able to help. I have been talking through some scenarios and would
like to solicit participants to be included in the correspondence. We
have some ideas ar
On Mar 16, 2009, at 8:41 PM, Michael Jerris wrote:
>
> On Mar 16, 2009, at 8:18 PM, John Todd wrote:
>>
>> [Phil and Cyril - the quick synopsis here is that Asterisk systems
>> are
>> being hit with some frequency with brute-force SIP password or
>> extension guessing attacks. Asterisk can out
On Mar 16, 2009, at 8:18 PM, John Todd wrote:
>
> [Phil and Cyril - the quick synopsis here is that Asterisk systems are
> being hit with some frequency with brute-force SIP password or
> extension guessing attacks. Asterisk can output logfiles (non-
> customizable) of failures.]
>
> JR and I had
[cc'ed Phil Schwartz of DenyHosts and Cyril Jaquier of Fail2Ban]
On Mar 16, 2009, at 12:05 PM, JR Richardson wrote:
>> No matter how the system is set up there should be a way to easily
>> add
>> known-good IP as they relate to a particular installation.
>>
> The Project Honey Pot looks great.
You guys are completely on the right track. The only other thing I'd do
is add some kind of logging system so that if an IP gets blacklisted,
we can show WHY it got blacklisted. (X brute force attaches / second,
etc - example passwords tried, etc.) This way if a system gets blocked
that is legi
JR Richardson wrote:
>> No matter how the system is set up there should be a way to easily add
>> known-good IP as they relate to a particular installation.
>>
>>
> The Project Honey Pot looks great.
>
> I'm not too keen on white listing though. It would be hard to verify
> an attacker's IP's
> No matter how the system is set up there should be a way to easily add
> known-good IP as they relate to a particular installation.
>
The Project Honey Pot looks great.
I'm not too keen on white listing though. It would be hard to verify
an attacker's IP's that hasn't been identified as bad yet
voip-aster...@maximumcrm.com wrote:
> IANAL, but you'll need a very strong disclaimer concerning the
> risk of blocking good calls.
>
> No matter how the system is set up there should be a way to easily add
> known-good IP as they relate to a particular installation.
>
>
As well as a dispute m
> I would like to pool our resources and start an IP list of known PBX
> Hackers. As a US service provider I get hit pretty often with bots
> trying brute force username/password attacks, mostly coming form overseas.
> I had several attacks this weekend and it got me thinking about a list that
> c
:
Subject: [asterisk-biz] PBX Hacker IP List
___
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz
Hi All,
I would like to pool our resources and start an IP list of known PBX
Hackers. As a US service provider I get hit pretty often with bots
trying brute force username/password attacks, mostly coming form overseas.
I had several attacks this weekend and it got me thinking about a list that
co
14 matches
Mail list logo
