[VOIPSEC] Nortel MCS + NIDS
Bruno FAVRE
bruno.favre at niji.fr
Mon Apr 24 07:27:16 CDT 2006
Hi there,
I had been pointing to this document which is a good exemple of what can be
done with Snort regarding SIP problematic.
The document is in french... But there is the source code of what Lalaina
Kuhn had wrote for Snort during its study.
I hope this will help you.
http://www.iict.ch/Tcom/Projets/VoIP/Kuhn.pdf
Cordialement,
Bruno Favre
-----Message d'origine-----
De : Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] De la
part de My Name
Envoyé : dimanche 23 avril 2006 04:36
À : voipsec at voipsa.org
Objet : [VOIPSEC] Nortel MCS + NIDS
Hi all,
Is anyone on here protecting a Nortel MCS complex with NIDS? I would be
interested to see if you have written custom signatures for SIP and RTP
traffic that would trigger an alert if anything other than 'normal' traffic
is seen by the NIDS.
Thanks in advance!
_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
More information about the Voipsec
mailing list