README - projectvoip - VoIP honeypot similar to ssh honeypot, using asterisk as the backend.
git clone git://jay.scot/projectvoip

Project VOIP

Project VOIP was meant to be a VOIP honeypot, but I haven't had much
time to develop it, so I am uploading everything I have so far. Project
VOIP is based on phorensix v1.0 by J. Oquendo / sil @ infiltrated dot
net.

Phorensix was scripted in bash and logged all information to a series of
files. Project VOIP is coded in Ruby, has been updated to work with the
latest version of Asterisk, and also logs all information to a MySQL
database.

* Logs the following information to a MySQL database:
  * IP Address information
  * Peer(s) AS Number
  * Netblock AS Number
  * Netblock Prefix
  * AS Name
  * AS Country
  * AS Domain name
  * ISP Name
  * Number called
  * SIP Agent
  * SIP channel used
  * Traceroute of the IP Address
  * Packet capture of the session (.cap file)
  * Recording of the call (.wav)

usage:

    $ apt-get install tshark rubygems mysql-client libmysqlclient-dev
    $ gem install mysql