[VoiceOps] Fraud fun

Ujjval Karihaloo ujjval at simplesignal.com
Thu May 19 16:25:09 EDT 2011


Automated way to block IP via ACLs using Acme CDRs/syslogs, sure would be
good.

We get DDOS SNMP Traps identifying IPs that are running REGISTER
scans...But as someone said, these abusers are getting smarter and scaling
back their register scan rates so as not to show up on the radar.

Its an ever-evolving battle. I know they are on this list as well...:)



-----Original Message-----
From: voiceops-bounces at voiceops.org [mailto:voiceops-bounces at voiceops.org]
On Behalf Of Peter Eisengrein
Sent: Thursday, May 19, 2011 1:59 PM
To: voiceops at voiceops.org
Subject: Re: [VoiceOps] Fraud fun

Someone (sorry, don't have the email handy) previously mentioned that they
monitor the output from their acme and then blacklist IP's. Very
interesting idea -- how are you determining who the "bad guys" are? From
the "friendly-scanner" agent field? In what field is this? Are you doing
this from the RADIUS CDRs?

Thanks,
Pete

_______________________________________________
VoiceOps mailing list
VoiceOps at voiceops.org
https://puck.nether.net/mailman/listinfo/voiceops


More information about the VoiceOps mailing list