serxoz
a2357178cc
Reviewed-on: #4 |
||
---|---|---|
doc | ||
installation/openbsd | ||
src | ||
.gitignore | ||
Cargo.lock | ||
Cargo.toml | ||
Dockerfile | ||
LICENSE | ||
Makefile | ||
README.md | ||
action_script.sh | ||
config.toml | ||
fuzz.py |
README.md
SIP tarpit
The idea is that a SIP attacker lost more time while trying to crack this "SIP service". Could be defined as a slow honeypot...
Initially will be designed against a sipvicious attacker.
SIP features:
-
Answer to OPTIONS This way will be mapped in the network
-
Answer to REGISTER This way attacker will be entertained for some time... :D
Use
- Docker: simply do make docker-build && make docker-run
- Install: enter installation directory and run install.sh
Configure
Read config.toml and adapt it to your preferences. Keep in mind that for docker use you want to keep log_file="CONSOLE".
Action Script
You can configure action script by adding it to config.toml. When a new suspicious IP address is detected, the script will be executed. See action_script.sh for an example.