[asterisk-biz] PBX Hacker IP List

JR Richardson jmr.richardson at gmail.com
Mon Mar 16 14:05:43 CDT 2009


> No matter how the system is set up there should be a way to easily add
> known-good IP as they relate to a particular installation.
>
The Project Honey Pot looks great.

I'm not too keen on white listing though.  It would be hard to verify
an attacker's IP's that hasn't been identified as bad yet.  I'm sure
some hackers would troll the black list and try to add their IP's as
known good.  I don't think this would be some automated mechanism for
PBX server subscription, at least not yet.

I'm thinking more along the lines of a central list, updated by
community participants, to add IP's that have attacked them, with
date/time of the attack.  It would be up to the PBX admin to employ a
filter with those black listed IP's or disregard the list all
together.

Thanks

JR
 --
JR Richardson
Engineering for the Masses



More information about the asterisk-biz mailing list