Questions tagged [secast]

SecAst is a software application that runs on the same host as Asterisk, and uses a variety of techniques to detect intrusion attempts, halt ongoing attacks, and prevent future attacks. In addition, SecAst uses advanced techniques to detect valid credentials that have been disclosed / compromised and are being abused. SecAst uses heuristic algorithms to detect fraudulent activity based on known attack patterns, and Geographic IP information to block attack attempts based on continent/country/region/city. Upon detection SecAst blocks the current attacker from the Asterisk host at the network level.

Definitions:

• Geofencing: detecting and blocking IP's based on their geographic location.
• Heuristics: detecting and blocking IP's based on the action / command patterns sent to Asterisk.
• Dial Cadence: the rate at which calls are placed consecutively from the same extension.
• Hacker Database: detecting and blocking IP's based on a database of IP's known to be involved in fraud and hacking/intrusion
• Fraud Database: detecting and blocking dialing of phone numbers based on a database of phone numbers used in fraud. Also blocking of the originating source IP.

More information:

• VoIP Info Web Site
• Telium Web Site