> ContactTel Business wrote:
>
>> Here is the trace.. please DEVs... add a reporting option to sip  
>> stack that
>> will report on that ip , or something..
>
> That's not really plausible.
Well, that's not entirely true.
There is an effort under way to create a separate logging channel for  
security events, which each channel method could then populate with  
incidents it feels are "bad" - this would obviously be channel- 
dependent, but there are some common criteria for VoIP connection  
issues that can be standardized.  An external program would then have  
to make sense of those events.  At a minimum, a framework for  
reporting illegitimate (and legitimate) authentication or  
authorization attempts would allow forensics in a post-event situation  
and/or permit external scripting to deflect some of the attack methods.
This was discussed to some degree on -dev, and extensively at the  
Asterisk European Developers Meet-Up, though a summary proposal has  
yet to be sent to -dev for discussion. If anyone is interested in  
helping with the effort, I'd suggest keeping an eye on the -dev  
mailing list for the write-up.
JT
----
John Todd                       email:jtodd@digium.com
Digium, Inc. | Asterisk Open Source Community Director
445 Jan Davis Drive NW -  Huntsville AL 35806  -   USA
direct: +1-256-428-6083         http://www.digium.com/
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-biz
No comments:
Post a Comment