VoIP Abuse project – block the scanners
September 27, 2010
Posted by on
People has gotten tired of the VoIP scannings. Sometimes they manage to abuse the PBX or just fill up the logs with all the attempts. So Mr. Oquendo started on a list of IP addresses and networks that should be blocked.
The VoIP Abuse Project is aimed at minimizing abuse for networks that have publicly accessible PBX’s. As a security engineer at a managed service provider, one of our services is VoIP. Throughout the course of the day, I got tired of seeing VoIP based brute force attempts that I decided to out companies who sit around and choose to do nothing about the attacks coming from their networks. As a courtesy I often take the time out of my work day to write constant emails to abuse and security desks which go nowhere.
The link: http://www.infiltrated.net/voipabuse/
Personally I think companies should have a white list, just enabling the IPs that you really need to allow traffic from, but that is not easy if you are a VoIP provider with clients all over the world.
Next step on this list would be to automate the whole process.