[VoiceOps] [VOIPSEC] Tackling VoIP fraud, new idea

Christopher Aloi ctaloi at gmail.com
Mon Feb 24 10:50:24 EST 2014


What does the "International Revenue Fraud Number Database" on cfa.orgcontain?

I agree it's tricky to block based on hosts, you hit one and the others
start popping up.



-- Christopher Aloi
-- ctaloi at gmail.com





On Fri, Feb 21, 2014 at 4:17 PM, Jim Dalton <jim.dalton at transnexus.com>wrote:

> One option maybe to cooperate with the Communications Fraud Control
> Association  (www.cfca.org).  They do vet their members, but they do not
> have a mailing list.  The association also has an annual membership fee.
>
> Jim Dalton
>
> -----Original Message-----
> From: VoiceOps [mailto:voiceops-bounces at voiceops.org] On Behalf Of J.
> Oquendo
> Sent: Friday, February 21, 2014 3:38 PM
> To: Hiers, David
> Cc: voiceops at voiceops.org; Mark Collier; voipsec at voipsa.org
> Subject: Re: [VoiceOps] [VOIPSEC] Tackling VoIP fraud, new idea
>
> On Fri, 21 Feb 2014, Hiers, David wrote:
>
> > The key is vetting the participants.  Even the feds have a hard time with
> that...
> >
>
> Indeed which is why I stated:
>
> 1) Private mailing list - to prevent talks from being seen
>
> 2) NON freemail addresses - easier to establish that this individual works
> for this company, therefore its highly unlikely he is going to throw
> himself, and or his company, under the bus passing bogus information.
>
> The "private mailing list" is not to try to start some secret club, VoIP
> Gestapo. It is merely to be able to share data, methods, etc., with other
> peers in an effort to keep our networks from piping out 100s of thousands
> of
> dollars in toll fraud. PERIOD. ANYONE is open to participate, with the
> clause that we want to, and NEED to be able to trust data. Otherwise it
> will
> never work.
>
> I will re-think this over the weekend and have a take two.
> I think it could, and would work. I do also believe that there are likely
> individuals even on this list, that would not like the idea much, so
> hosting
> decisions need be met, etc., in order to keep away DDoS attacks, reputation
> based attacks, and so forth. That's my train of thought though.
>
> --
> =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
> J. Oquendo
> SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT, RWSP, GREM
>
> "Where ignorance is our master, there is no possibility of real peace" -
> Dalai Lama
>
> 42B0 5A53 6505 6638 44BB  3943 2BF7 D83F 210A 95AF
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x2BF7D83F210A95AF
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops
>
>
>
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20140224/b13b75b5/attachment-0001.html>


More information about the VoiceOps mailing list