projectvoip

VOIP honeypot using Asterisk as the backend.
git clone git://git.beardyjay.co.uk/projectvoip

README (1242B)


http://projectvoip.jayscott.co.uk


Project VOIP
=============


Project VOIP was meant to be a VOIP honeypot but I haven't had much time to
develop it so I am uploading everything I have so far here :-)

Project VOIP is based on phorensix v.1 by J. Oquendo / sil @ infiltrated dot net.

Phorensix was scripted in bash and logged all information to a series of files.
Project VOIP is coded in Ruby, has been updated to work with the latest version of
Asterisk and also logs all information to a MySQL database.

Jay Scott <jay@jayscott.co.uk>


What it does
------------

-> Logs the following information to a MySQL database:
 -> IP Address information
   -> Peer(s) AS Number
   -> Netblock AS Number
   -> Netblock Prefix
   -> AS Name
   -> AS Country
   -> AS Domain name
   -> ISP Name
 -> Number called
 -> SIP Agent
 -> SIP Channel used
 -> Traceroute of the IP Address
 -> Packet capture of the session (.cap file)
 -> Recording of the call (.wav)

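The "Number called" and "SIP Agent" fields listed above come straight from caller-controlled SIP input. As an added illustration (not Project VOIP's own code; the function names, the sample INVITE and the addresses are constructed), this Ruby sketch pulls both fields out of one INVITE and neutralises control characters before the values are stored:

```ruby
# Added example, not part of Project VOIP. All names here are hypothetical.
# Constructed sample INVITE using documentation-only addresses (RFC 5737).
SAMPLE_INVITE = <<~SIP.gsub("\n", "\r\n")
  INVITE sip:900441632960000@203.0.113.10 SIP/2.0
  Via: SIP/2.0/UDP 198.51.100.23:5071;branch=z9hG4bK-1;rport
  From: "100" <sip:100@203.0.113.10>;tag=abc
  To: <sip:900441632960000@203.0.113.10>
  Call-ID: constructed-1@198.51.100.23
  CSeq: 1 INVITE
  User-Agent: ExampleScanner/1.0
  Content-Length: 0

SIP

# Everything in the message is chosen by the caller, so replace invalid
# bytes and non-printable characters and cap the length before logging.
def sanitize(value, max = 128)
  return nil if value.nil?
  value.scrub("?").gsub(/[^\x20-\x7e]/, "?")[0, max]
end

# Returns a hash with the README's "Number called" and "SIP Agent" fields,
# or nil when the message is not a well-formed INVITE request line.
def parse_invite(raw, source_ip)
  head, _body = raw.split(/\r?\n\r?\n/, 2)
  lines = head.to_s.split(/\r?\n/)
  m = lines.shift.to_s.match(/\A([A-Z]+) (\S+) SIP\/2\.0\z/)
  return nil unless m && m[1] == "INVITE"

  headers = {}
  lines.each do |line|
    name, value = line.split(":", 2)
    next if value.nil?
    # Header names are case-insensitive; keep the first occurrence.
    headers[name.strip.downcase] ||= value.strip
  end

  {
    source_ip:     source_ip,
    number_called: sanitize(m[2][/\Asips?:([^@;]+)@/, 1]),
    sip_agent:     sanitize(headers["user-agent"]),
  }
end

p parse_invite(SAMPLE_INVITE, "198.51.100.23") if __FILE__ == $PROGRAM_NAME
```

When these values are written to MySQL, pass them as bound parameters rather than interpolating them into the SQL string.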
Installing
----------

Install tshark and RubyGems if not installed already

  apt-get install tshark rubygems mysql-client libmysqlclient-dev

Install the Ruby gem for MySQL

  gem install mysql

Use the configs below as a template, changing the values as appropriate