[VOIPSEC] Solutions in addressing SPIT (Spam over InternetTelephony)
Christopher A. Martin
chris at sip1.com
Thu Feb 17 22:43:06 CST 2005
This is still very simple to mitigate, initially, as noted in an earlier
email that I sent out regarding spam...
1. Closed SIP system
2. Digest Authentication
Or even
3. IPSec AH authentication between companies and carriers...
All of this though is related to a carrier/enterprise environment and
doesn't help the average person who may not wish to use the carrier.
________________________________
Christopher A. Martin
P.O. Box 1264
Cedar Hill, Texas 75106
Domains.SIP1.com
http://domains.sip1.com
Low cost domain name registration & other Internet services.
Sign up for your PayPal merchant account today and start selling your
products on line today!
https://www.paypal.com/us/mrb/pal=Q622ZEE3CUWM8
-----Original Message-----
From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
Behalf Of Hank Nussbacher
Sent: Thursday, February 17, 2005 1:00 AM
To: Mark Teicher; voipsec at voipsa.org
Subject: Re: [VOIPSEC] Solutions in addressing SPIT (Spam over
InternetTelephony)
At 07:07 PM 15-02-05 -0500, Mark Teicher wrote:
>One issue that has not been discussed but voicemail bombers. Applications
>that wardial a range of numbers it is presented with, and leaves a
>voicemail on a number that answers. This is a very hard to block since
>unless one does heurestics on the calling pattern, but also one can
>configure multiple voicemail bombers at a very slow speed that makes
>detection from normal call volume traffic very hard. In a heavy call
>center environment where normal call patterns are extremely high (i.e mail
>order houses at the various holidays or computer support centers )
>Decoding the voicemail in the format that the voicemail system saves in
>may also hamper performance of the system.
>
>SPIT has different characteristics than SPAM..
Wrong. Wardialing in the world of IP is known as DHA (Directory Harvest
Attack) or Rumpelstiltskin Attack:
http://postini.com/services/what_are_dhas.html
Postini pegs DHA attacks that 1 out of very 2 SMTP connection is a wasted
connection attempting to find valid emails:
http://postini.com/stats/
DHA and wardialing are very similar in their attack vector.
-Hank
>/m
_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
More information about the Voipsec
mailing list