[asterisk-users] Toll fraud detection/password script
J. Oquendo
sil at infiltrated.net
Thu Nov 22 08:56:26 CST 2007
So I was bored yesterday and tried solving a few
problems with one stone:
1) Notify me of potential brute forcers (multiple attempts
to register multiple numbers from one address)
2) Notify me of (l)users who are having password issues
So I whipped up a simple script to run in cron and
notify me that UserX from X_IP_Space had X amout of
password issues. I'm currently running this from
cron and it works fine. My personal version is
modified to block (l)users after 10 failures on
2 separate accounts or 50 failures on one account.
Methodology is, if someone hasn't complained within
two minutes of something happening to their phones
that they can't log in, then they won't need to
use that phone right now. Let them call in and
complain...
http://www.infiltrated.net/scripts/astrap
--
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA #579 (FW+VPN v4.1)
SGFE #574 (FW+VPN v4.1)
echo c2lsQGluZmlsdHJhdGVkLm5ldAo=|\
python -c "import sys; print sys.stdin.read().decode('base64')"
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E
More information about the asterisk-users
mailing list