>From time to time a similar subject pops up on the list. I'd like to repeat it is extremely dangerous to ban IP based on a suspicious UDP activity. The source IP of an UDP packet can be easily forged, so if you start using fail2ban or other blacklist techniques, it can be very awesome to start sending bogus invite and let you blacklist all major SIP providers...
However I am using fail2ban on all my servers :-) Leandro 2011/10/12 Jack Honey Pot <j...@asteriskhoneypot.com> > Hi All, > > I'm not the first to try to start a VOIP blacklist but currently working on > a project for the next 12 hours, hopefully I can get it up soon. What I > intend to do is to work with a few reliable Harvester to gather the logs. A > simple script to parse it then extract the list of attackers IP, compile > them and send them out to the list. > > If any of you are kind enough to zip and send me a > /var/log/asterisk/messages that contain hacker's scan & attack, it will be > helpful to my research. Do email me at j...@asteriskhoneypot.com . Let me > know if you are keen to be a harvester as well.Thanks. > > Regards, > Jackster > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
