[asterisk-biz] PBX Hacker IP List

Darren Wiebe darren at aleph-com.net
Mon Mar 16 14:23:07 CDT 2009


JR Richardson wrote:
>> No matter how the system is set up there should be a way to easily add
>> known-good IP as they relate to a particular installation.
>>
>>     
> The Project Honey Pot looks great.
>
> I'm not too keen on white listing though.  It would be hard to verify
> an attacker's IP's that hasn't been identified as bad yet.  I'm sure
> some hackers would troll the black list and try to add their IP's as
> known good.  I don't think this would be some automated mechanism for
> PBX server subscription, at least not yet.
>
> I'm thinking more along the lines of a central list, updated by
> community participants, to add IP's that have attacked them, with
> date/time of the attack.  It would be up to the PBX admin to employ a
> filter with those black listed IP's or disregard the list all
> together.
>
> Thanks
>
> JR
>  --
> JR Richardson
> Engineering for the Masses
>
> _______________________________________________
> --Bandwidth and Colocation Provided by http://www.api-digital.com--
>
> asterisk-biz mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-biz
>   
This program is specific to SSH but we've been very, very happy with the 
way that the denyhosts program works.  It shares a list of ip addresses 
with a central server.  However, it's easy to add your own whitelist 
that your system uses.  I envision the same sort of functionality here.

-- 
Darren Wiebe
darren at aleph-com.net

Aleph Communications
www.aleph-com.net




More information about the asterisk-biz mailing list