krzykat
Telecom Strategist
- Joined
- Aug 2, 2008
- Messages
- 3,145
- Reaction score
- 1,235
While looking at logs, I notice that hackers regularly try to hit specific extensions. For example, 100, 101, 1000, 1001. So I had an idea ... what if I never use these extensions in my builds, and anytime anyone tries to register to these, I ban them PERMANENTLY. Then I thought, why not expand upon this idea. What if we setup a fictitious PBX whose sole purpose is to find out WHO hackers are.
This is my idea: Get a PBX setup and then monitor anyone that tries to register to it. Grab every one of the IP's that tries to register and add it to a blacklist table, let's call it NVblacklist. Then in the failban module that NV builds in every system, part of it will have the option to ban drop anything in the NVblacklist.
This is my idea: Get a PBX setup and then monitor anyone that tries to register to it. Grab every one of the IP's that tries to register and add it to a blacklist table, let's call it NVblacklist. Then in the failban module that NV builds in every system, part of it will have the option to ban drop anything in the NVblacklist.