People has gotten tired of the VoIP scannings. Sometimes they manage to abuse the PBX or just fill up the logs with all the attempts. So Mr. Oquendo started on a list of IP addresses and networks that should be blocked.
The VoIP Abuse Project is aimed at minimizing abuse for networks that have publicly accessible PBX’s. As a security engineer at a managed service provider, one of our services is VoIP. Throughout the course of the day, I got tired of seeing VoIP based brute force attempts that I decided to out companies who sit around and choose to do nothing about the attacks coming from their networks. As a courtesy I often take the time out of my work day to write constant emails to abuse and security desks which go nowhere.
The link: http://www.infiltrated.net/voipabuse/
Personally I think companies should have a white list, just enabling the IPs that you really need to allow traffic from, but that is not easy if you are a VoIP provider with clients all over the world.
Next step on this list would be to automate the whole process.
Sjur Usken 