[VOIPSEC] Solutions in addressing SPIT (Spam over Internet Telephony)
Hank Nussbacher
hank at mail.iucc.ac.il
Thu Feb 17 01:00:08 CST 2005
At 07:07 PM 15-02-05 -0500, Mark Teicher wrote:
>One issue that has not been discussed but voicemail bombers. Applications
>that wardial a range of numbers it is presented with, and leaves a
>voicemail on a number that answers. This is a very hard to block since
>unless one does heurestics on the calling pattern, but also one can
>configure multiple voicemail bombers at a very slow speed that makes
>detection from normal call volume traffic very hard. In a heavy call
>center environment where normal call patterns are extremely high (i.e mail
>order houses at the various holidays or computer support centers )
>Decoding the voicemail in the format that the voicemail system saves in
>may also hamper performance of the system.
>
>SPIT has different characteristics than SPAM..
Wrong. Wardialing in the world of IP is known as DHA (Directory Harvest
Attack) or Rumpelstiltskin Attack:
http://postini.com/services/what_are_dhas.html
Postini pegs DHA attacks that 1 out of very 2 SMTP connection is a wasted
connection attempting to find valid emails:
http://postini.com/stats/
DHA and wardialing are very similar in their attack vector.
-Hank
>/m
More information about the Voipsec
mailing list