Australian Honeynet Project

Since the Annual workshop in KL earlier in the year, I've been learning a lot about VOIP from Sjur Usken from the Norwegian Honeynet Chapter, and Sandro Gauci from Enable Security. Both of these guys are expert in the field of VOIP security, and we thank them for their assistance to the Australian Honeynet Project.

We've been testing a couple of different styles of VOIP honeypots (yes, phoneypots..). Presently we have one sensor in operation in the AU IP space, which is piloting. Plans are to increase the number, once techniques are matured and the tools are released by the authors.

We've seen some very interesting scanning of our phoneypot sensor during the pilot and the results will be posted shortly - so stay tuned for the following installments !

VOIP phoneynet : PART 2 "OBSERVATIONS OF THE VOIP PILOT THUS FAR"
VOIP phoneynet : PART 3 "WHAT WOULD CROOKS DO WITH A COMPROMISED VOIP GATEWAY ANYWAY?"
VOIP phoneynet : PART 4 "HOW BEST TO PROTECT AGAINST VOIP THREATS"
VOIP phoneynet : PART 5 "WHAT MIGHT THE FUTURE HOLD WITH VOIP SECURITY"
VOIP phoneynet : PART 6-n "TBA, what do you want ? , I'm taking requests at ben@honeynet.org.au "

This is an interesting area, and increasingly important as VOIP gets more popular, and is targeted by wrong-doers.
We feel that the general level of understanding of VOIP security and more-so malicious activity is relatively low, and that we need to increase this by getting a better view of the sort of malicious VOIP activity out there. This has been the driver behind this project. If you have any experience in VOIP honeynets, or actual incidents (anecdotal, or specific), please feel free to contact us.