Hi All, Thank you for your great input. I have made contact with Project Honey Pot http://www.projecthoneypot.org/ and they are willing and able to help. I have been talking through some scenarios and would like to solicit participants to be included in the correspondence. We have some ideas around the centralized blacklist and data collection method, they agree it should be automated as possible and they have vast experience in this arena. I believe the local PBX log parsing model is a good approach and seems to work well for me personally. Every nix based PBX has syslogd which can selectively parse logs and submit relevant messages to remote collection servers. Probably updating PBX to rsyslog would be more useful. Anyway, Project Honey Pot is confident they can perform as the central blacklisting repository for the community. I have already sent them some real hacker attempt log messages and we are talking through some logistics.
Who would like to be included in the discussions? Feel free to respond on or off list. I can forward our current correspondence to bring you up to speed. Who I'm looking for participation from are users that do have some time to contribute to this effort. We will also need a couple of developers to be in the loop as I'm sure augmented code will have to make its way into Asterisk core. A note to JT, should this come together into a useful tool in time for Astricon, then certainly I would gladly speak on the subject. I'm planning on Speaking about Asterisk and OpenVZ Virtualization as a primary presentation. Thanks. JR -- JR Richardson Engineering for the Masses _______________________________________________ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-biz mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-biz
