Scam telemarketers spoofing our NOC phone number for callerid
J. Oquendo
sil at infiltrated.net
Wed Oct 6 16:50:01 UTC 2010
William Herrin wrote:
> On Wed, Oct 6, 2010 at 10:37 AM, Dan White <dwhite at olp.net> wrote:
>
>> If your PBX is SIP based, you might be victim of a SIP registration hijack,
>> which are on the rise, based on traffic we've been seeing in our network.
>>
>
> I had my unpublished asterisk box up for all of two days before
> getting half a megabit per second worth of false SIP registration
> attempts. Filled /var/log. I had to write a script to dynamically
> filter source IPs with too many failures.
>
> Regards,
> Bill Herrin
>
>
"A Simple Asterisk Based Toll Fraud Prevention Script"
http://www.infiltrated.net/asterisk-ips.html
Cheap marketing of a free RBL for VoIP: http://www.infiltrated.net/voipabuse
Anyhow, I spoke about this last week (toll fraud abuse via IP PBX
tricksters). Show # 275
http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=22622&cmd=tc
http://voipsa.org/blog/2010/09/29/voip-attackers-sometimes-they-come-back/
http://voipsa.org/blog/2010/09/28/voip-abuse-project/
--
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT
"It takes 20 years to build a reputation and five minutes to
ruin it. If you think about that, you'll do things
differently." - Warren Buffett
227C 5D35 7DCB 0893 95AA 4771 1DCE 1FD1 5CCD 6B5E
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E
More information about the NANOG
mailing list