Sjur Usken

Views on new technologies and business opportunities from Sjur Usken

VoIP Abuse project – block the scanners


People has gotten tired of the VoIP scannings. Sometimes they manage to abuse the PBX or just fill up the logs with all the attempts. So Mr. Oquendo started on a list of IP addresses and networks that should be blocked.

The VoIP Abuse Project is aimed at minimizing abuse for networks that have publicly accessible PBX’s. As a security engineer at a managed service provider, one of our services is VoIP. Throughout the course of the day, I got tired of seeing VoIP based brute force attempts that I decided to out companies who sit around and choose to do nothing about the attacks coming from their networks. As a courtesy I often take the time out of my work day to write constant emails to abuse and security desks which go nowhere.

The link: http://www.infiltrated.net/voipabuse/

Personally I think companies should have a white list, just enabling the IPs that you really need to allow traffic from, but that is not easy if you are a VoIP provider with clients all over the world.

Next step on this list would be to automate the whole process.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: