> I would like to pool our resources and start an IP list of known PBX > Hackers. As a US service provider I get hit pretty often with bots > trying brute force username/password attacks, mostly coming form overseas. > I had several attacks this weekend and it got me thinking about a list that > could benefit the community. There was a great discussion about Asterisk > security on the "PBX Got Hacked" thread over the past couple of weeks and > someone did mention this type of list. > > I do not want to re-invent the wheel, is there such a list already > established that I may contribute to? If not, I would not mind hosting a > list on my website. I know there will be some particulars to be worked out, > list format, qualifying list entries, how the list will be updated, removing > entries, and items I haven't thought about.
I think a good starting point on how to handle this project would be www.projecthoneypot.org I don't think that there is an existing blacklist for Asterisk though > Are there any legal pitfalls with hosting such a list? IANAL, but you'll need a very strong disclaimer concerning the risk of blocking good calls. No matter how the system is set up there should be a way to easily add known-good IP as they relate to a particular installation. _______________________________________________ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-biz mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-biz
