[VoiceOps] Growing attack pains
J. Oquendo
sil at infiltrated.net
Mon Jan 10 11:53:06 EST 2011
I'm in the market for something to place in front of an SBC (modules
would be nice, e.g., Asterisk module, Avaya module, etc.) The device
will need to do the following:
Block on N ... Block N amount bad attempts indefinitely and alert
Block on Prefix ... If PREFIX is anywhere in SIPURI/ANI/CID, block
(country specific would be nice)
We are having a hard time keeping up with the attack vectors here. We
recently saw a compromise from Egypt where the password was 15
characters mixed numbers, letters and symbols. So obviously longer
passwords aren't even an issue anymore.
--
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT
"It takes 20 years to build a reputation and five minutes to
ruin it. If you think about that, you'll do things
differently." - Warren Buffett
227C 5D35 7DCB 0893 95AA 4771 1DCE 1FD1 5CCD 6B5E
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E
More information about the VoiceOps
mailing list