[asterisk-security] Honeypot Project

Tim Nelson tnelson at rockbochs.com
Wed Oct 12 13:40:53 CDT 2011


----- Original Message -----
> Hi All,
> 
> I'm not the first to try to start a VOIP blacklist but currently
> working on a project for the next 12 hours, hopefully I can get it up
> soon. What I intend to do is to work with a few reliable Harvester to
> gather the logs. A simple script to parse it then extract the list of
> attackers IP, compile them and send them out to the list.
> 
> If any of you are kind enough to zip and send me a
> /var/log/asterisk/messages that contain hacker's scan & attack, it
> will be helpful to my research. Do email me at
> jack at asteriskhoneypot.com . Let me know if you are keen to be a
> harvester as well.Thanks.
> 

While ambitious, there have always been questions surrounding projects of this type. Namely:

-What is to stop your 'harvesters' from supplying IPs of known good hosts (for whatever reason)?
-What process is in place to get an IP/subnet removed from your list if it does not belong there?
-Is this a personal project, or is there a commercial entity 'behind the scenes'?

--Tim



More information about the asterisk-security mailing list