tags:

views:

82

answers:

1
Q: 

Most important feature in VoIP honeypot today

I'm writing a VoIP honeypot. Right now, it's listening on a specific port (SIP) for incoming connections. What would you suggest are the most important features it should have in terms of scanning/attack detection and analyzing? I don't think there are many sophisticated attacks out there (yet), so implementing anything beyond DoS/flooding detection might be a waste of time because creating VoIP sessions (with SIP) and recording and analyzing multimedia streams is more complicated than just to listen for scans on a specific port. But one day those automated attacks might come, similar to what is happening right now to Window RPC/SMB for instance.

Any thoughts on this from people who follow that whole VoIP security topic?

A: 

From> https://www.honeynet.org/node/554

Forensic Challenge 2010/4 - VoIP is now live

Main blog - Tue, 06/01/2010 - 15:18 Challenge 4 of the Honeynet Project Forensic Challenge - titled "VoIP" - is now live. This challenge 4 - provided by Ben Reardon from the Australian and Sjur Eivind Usken from Norwegian Chapter - takes you into the realm of voice communications on the Internet. VoIP with SIP is becoming the de-facto standard. As this technology becomes more common, malicious parties have more opportunities and stronger motives to take control of these systems to conduct nefarious activities. This Challenge is designed to examine and explore some of attributes of the SIP and RTP protocols. Note that our Chinese speaking chapters (Julia Cheng from the Taiwanese Chapter, Jianwei Zhuge from the Chinese Chapter and Roland Cheung from the Hongkong Chapter) have taken great initiative and translated the challenge into Chinese, which is available from the simplified Chinese and traditional Chinese pages (will be posted by EOD today.) With this challenge, we are getting on a firm 2 month cycle. You will have one month to submit (deadline is June 30th 2010) and results will be released approximately 3 weeks later. Small prizes will be awarded to the top three submissions. Enjoy the challenge! Categories: Honeynet Blogs, Main blog

belisarius  2010-06-27 04:47:49

related questions

Python SIP library
integrating php mysql and voip and text to speech
Analyzing Phone Call Records in MySQL DB
asterisk load balancing using openser/opensips
How to build a softphone (using SIP protocol) using C#
Asterisk Manager Api events
Looking for a VoIP service provider
I want to make a temporary answerphone which records MP3s
How do VoIP services connect to landlines?
VoIP test environment
VoIP on windows [C]
C# SIP Stack/Library
setup an IVR with Asterisk
Free streaming server for Voip server
What architecture do VoIP applications use, P2P or Client-Server?
IP phone to web application integration
Where do I get the best overview / intro to FreeSwitch
Why Does RTP use UDP instead of TCP?
Start a SIP call on a Symbian S60 mobile device
What are good references for .Net development with Office Communications Server?
What is the best VOIP toolset for use with .Net development?
Book recommendations for SIP
What's a good open source VoiceXML implementation?
C# Corrupt Memory Error
What's your Interactive Voice Response Platform?