[asterisk-security] Honeypot Project
Grzegorz Pycia
grzegorz.pycia at thulium.pl
Thu Oct 13 02:54:53 CDT 2011
On 12.10.2011 19:51, Jack Honey Pot wrote:
> Hi All,
>
> I'm not the first to try to start a VOIP blacklist but currently
> working on a project for the next 12 hours, hopefully I can get it up
> soon. What I intend to do is to work with a few reliable Harvester to
> gather the logs. A simple script to parse it then extract the list of
> attackers IP, compile them and send them out to the list.
>
> If any of you are kind enough to zip and send me a
> /var/log/asterisk/messages that contain hacker's scan & attack, it
> will be helpful to my research. Do email me at
> jack at asteriskhoneypot.com <mailto:jack at asteriskhoneypot.com> . Let me
> know if you are keen to be a harvester as well.Thanks.
>
For such purposes I usually use fail2ban(www.fail2ban.org) or
SEC(http://simple-evcorr.sourceforge.net/)
It simplifies whole process, what you need is just regexp to catch
failed attempts.
Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-security/attachments/20111013/63f48ee4/attachment.htm>
More information about the asterisk-security
mailing list