[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SIP - perhaps botnet? anyone else seeing this?

Subject: SIP - perhaps botnet? anyone else seeing this?
From: ge at linuxbox.org (Gadi Evron)
Date: Wed, 15 Apr 2009 23:03:25 +0300
In-reply-to: <[email protected]>
References: <[email protected]>

Leland E. Vandervort wrote:
> 
> Managed to get to the bottom of it, and it was indeed a SIP User-Agent
> brute-force attempt.  Interestingly, though, that your mail mentions
> specifically verizon... the majority of the remote addresses during this
> brute-force attempt were also behind verizon... coincidence?
> 
> Hmm..

There are at least two projects I'm aware of and some tools 
released/getting released working on war-dialing over SIP.

One tool to take a look at and see if it fits the bill is WarVOX from 
Metasploit's HD Moore.

http://www.warvox.org/index.html

	Gadi.

References:
- SIP - perhaps botnet? anyone else seeing this?
  - From: leland at taranta.discpro.org (Leland E. Vandervort)

Prev by Date: Level3 funkiness
Next by Date: Level3 funkiness
Previous by thread: SIP - perhaps botnet? anyone else seeing this?
Next by thread: SIP - perhaps botnet? anyone else seeing this?
Index(es):
- Date
- Thread