[asterisk-biz] PBX Hacker IP List (Good News)

JR Richardson jmr.richardson at gmail.com
Tue Mar 17 13:10:07 CDT 2009


Hi All,

Thank you for your great input.  I have made contact with Project
Honey Pot http://www.projecthoneypot.org/ and they are willing and
able to help.  I have been talking through some scenarios and would
like to solicit participants to be included in the correspondence.  We
have some ideas around the centralized blacklist and data collection
method, they agree it should be automated as possible and they have
vast experience in this arena.  I believe the local PBX log parsing
model is a good approach and seems to work well for me personally.
Every nix based PBX has syslogd which can selectively parse logs and
submit relevant messages to remote collection servers.  Probably
updating PBX to rsyslog would be more useful.  Anyway, Project Honey
Pot is confident they can perform as the central blacklisting
repository for the community.  I have already sent them some real
hacker attempt log messages and we are talking through some logistics.

Who would like to be included in the discussions?  Feel free to
respond on or off list.  I can forward our current correspondence to
bring you up to speed.  Who I'm looking for participation from are
users that do have some time to contribute to this effort.  We will
also need a couple of developers to be in the loop as I'm sure
augmented code will have to make its way into Asterisk core.

A note to JT, should this come together into a useful tool in time for
Astricon, then certainly I would gladly speak on the subject.  I'm
planning on Speaking about Asterisk and OpenVZ Virtualization as a
primary presentation.

Thanks.

JR
-- 
JR Richardson
Engineering for the Masses



More information about the asterisk-biz mailing list