Blacklist Security (was: Re: [asterisk-biz] Voipjet provider)

Matthew Rubenstein email at mattruby.com
Wed Jun 7 12:06:44 MST 2006


	So if I register an account, report an "enemy" number with a lying
reason, then defend myself from flames for a while on some mailing list,
I can interrupt the enemy number's service?

	What kind of authentication is required when registering an account?
What stops me from reregistering after the flames take effect on my
original account, with a different identity, and doing it again? Or
registering multiple simultaneous accounts, and attacking several
numbers as long as that account's "credible"?

	Where's any cost to an attacker, in any way comparable to the damage
they can do to a target?


On Wed, 2006-06-07 at 14:13 -0400, Mike Lynchfield wrote:
> Ok, good point on the enum.
> 
> I'll take a look.
> 
> #2. To be on the list the qualifications are mainly:
>    1) be a 011 number (that's where the fraud is)
>    2) be posted by a registered account
>    3) add a reason. Obviously "I hate the guy" won't do.
>    4) prepare to be flamed in public if it is proven you falsely
> created entries ;)
> 
> 
> 
> On 6/7/06, trixter aka Bret McDanel <trixter at 0xdecafbad.com> wrote:
>         On Wed, 2006-06-07 at 12:07 -0400, Mike Lynchfield wrote: 
>         > In life you always get what you pay for, except some times.. maybe 2
>         > times in a lifetime you get lucky.
>         >
>         
>         Not always, sometimes the less expensive item is actually better than
>         the one that costs more.
>         
>         > Everyone wants everything free and get all the support with it. That's
>         > common knowledge.
>         >
>         And companies like trxtel.com provide both free service and support. We
>         even pay you instead of you paying us :)
>         
>         > As long as hardware and services have a cost there will be need for
>         > profit.
>         >
>         
>         Agreed, it's just a matter of who is paying. Given that we offer a service
>         free, provide support with that service (sometimes outside of the scope
>         of the service we provide) and it doesn't cost the recipient of the call
>         anything extra, you gotta wonder ... Of course we don't provide every
>         service (yet). We have plans of providing more services, although all
>         can't be free :)
>         
>         > So until we can replicate our xeon and sunfire's with scotty's
>         > replicator we are offering something for the new users.
>         >
>         
>         Replicators are overrated. How many times did they break?
>         
>         > Root access to the box will be needed (you can change the password
>         > for a temporary one)
>         > If you don't feel comfortable with this, we can try to explain how to
>         > do it.
>         >
>         > This applies to vanilla asterisk.
>         >
>         > Somebody said Service?
>         
>         That isn't bad service, just wonder if that will hold up if you have many
>         new signups all requesting that at the same time; stuff breaks. Or is
>         this a promo service?
>         
>         > ps: don't forget to help out the community at
>         > http://blackhole.theclubvoip.com
>         >
>         
>         Here is an idea: why not roll that into an enum-style service where a
>         client can do an enum query; if it exists they can either TTS an error
>         message (perhaps "err:message here"??), otherwise the call goes through.
>         This would be trivial for you guys to create a little check macro using
>         asterisk's enum, be more or less portable with other services that have
>         enum already installed (by creating a null route perhaps for types sip
>         and whatever), be RBL style more or less (not identical but ...) and
>         easier for people to query in general.
>         
>         powerdns for example is a dns server that takes many backends incl
>         mysql/postgres so you can easily integrate this with whatever front end
>         web whatever...
>         
>         You could even have different 'zones': voipspam, fraud, suspicious, etc.,
>         and people could select which enum entries they want based on
>         subdomains. Although I don't think asterisk allows you via the dialplan
>         to limit calls based on SRC IP, you could include IPs as well as numbers
>         and do both inbound as well as outbound filtering.
>         
>         I am curious though what verification is done on a number to say that
>         it's 'bad', as opposed to someone doesn't like someone else so they submit
>         all their numbers in the hopes of causing that person grief. Then there
>         are people that scream fraud because they screwed up and didn't charge
>         their costs, even on fixed cost numbers (people have claimed that +448xx,
>         excluding 800 (although those are banned many places because it's an 8*
>         block), are fraud even though the termination costs for each class of
>         service in the 8xx range is fixed - they just charged a geographic rate
>         instead of a non-geo rate).
>         
>         So anyway, to be clear, what is the verification process for a number to
>         be blacklisted?
>         
>         --
>         Trixter http://www.0xdecafbad.com     Bret McDanel
>         Belfast IE +44 28 9099 6461    DE +49 801 777 555 3402
>         Utrecht NL +31 306 553058      US WA +1 360 207 0479 
>         US NY +1 516 687 5200          FreeWorldDialup: 635378
>         http://www.trxtel.com we pay you to terminate calls with us!
>         
>         
>         
>         _______________________________________________
>         --Bandwidth and Colocation provided by Easynews.com --
>         
>         asterisk-biz mailing list
>         To UNSUBSCRIBE or update options visit:
>            http://lists.digium.com/mailman/listinfo/asterisk-biz
>         
>         
> 
> 
> 
> -- 
> Mike
> Sales Manager
> http://www.theclubvoip.com
> Making it happen
> 1.888.470.7253 
-- 

(C) Matthew Rubenstein
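The enum-style lookup Bret sketches above (reverse the digits, hang them under a per-category zone, TTS the "err:" text on a hit, otherwise let the call through), with the operator choosing which zones to honour, as an added illustration that is not code from this thread or from either service; the zone names and records are constructed stand-ins for what a real DNS zone would publish.

```python
import re

# Constructed stand-in for DNS. In production each name below would be an
# NAPTR/TXT record served by the blacklist zone (e.g. via powerdns with a SQL
# backend); here a dict plays that role. Zone names are assumptions.
BLACKLIST_ZONES = ("fraud.blackhole.example", "voipspam.blackhole.example")

CONSTRUCTED_RECORDS = {
    "1.0.0.9.9.9.5.5.5.4.4.fraud.blackhole.example": "err:reported premium-rate fraud",
    "2.1.0.0.9.0.2.1.6.6.1.voipspam.blackhole.example": "err:unsolicited robocall",
}


def enum_name(number: str, zone: str) -> str:
    """Build the enum-style query name: E.164 digits reversed, dotted, under zone.
    '+44 555 999 001' under fraud.blackhole.example ->
    '1.0.0.9.9.9.5.5.5.4.4.fraud.blackhole.example'."""
    digits = re.sub(r"\D", "", number)
    if not digits:
        raise ValueError("number contains no digits")
    return ".".join(reversed(digits)) + "." + zone


def check_number(number, zones=BLACKLIST_ZONES, records=CONSTRUCTED_RECORDS):
    """Return (zone, message) for the first selected zone listing the number,
    or None when no zone lists it. None means route the call; a hit carries the
    'err:' text the dialplan would hand to TTS. Operators pass only the zones
    (subdomains) they trust, which is the per-category opt-in Bret describes."""
    for zone in zones:
        payload = records.get(enum_name(number, zone))
        if payload is not None:
            return zone, payload
    return None


def route_decision(number, zones=BLACKLIST_ZONES, records=CONSTRUCTED_RECORDS):
    """Map a lookup to the two dialplan outcomes: ('dial', None) or ('tts', text)."""
    hit = check_number(number, zones, records)
    if hit is None:
        return "dial", None
    _zone, message = hit
    return "tts", message.removeprefix("err:")
```

Note that nothing in the lookup itself answers Matthew's question: whoever can write records into the zone decides which numbers stop ringing, so the zone's submission path, not the query, is where any verification has to live.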



