[OpenSIPS-Users] Fraud Detection in OpenSIPS 1.12
Anton
lav at ptcomm.ru
Sat Nov 15 22:02:05 CET 2014
This module is compatible with version Opensips 1.11.2?
if so, where to find it?
02.09.2014 20:26, Răzvan Crainea пишет:
> Hi all,
>
> The second topic discussed during the last IRC meeting[1] was about
> building a Fraud Detection module that prevents PBX or accounts
> hijacking.
>
> Basically the module will allow you to define different dialing
> profiles (the destination you are dialing, how often, how many
> parallel calls, etc.) - the profiles are statically defined via DB.
> Such profile is assigned to a dialing entity (end-user, SIP trunk,
> inbound gateway, etc.). These metrics can be further interpreted to
> block or allow certain suspicious calls from that entity.
>
> The module will export a new command in the OpenSIPS script that can
> be used to check whether the call should be allowed or not. The
> command will return different error codes, depending on the severity:
> 1 for the normal state (call should be allowed, no abnormalities
> detected), -1 for warning (user is approaching to a critical limit)
> and -2 for critical (thresholds are reached, call should not be
> allowed). A usage example might be something like this:
>
> if (check_fraud("$rU", "$fU", "premium") < 0) {
> switch($retcode) {
> case -1:
> xlog("WARNING: $fU called to $rU\n");
> break;
>
> case -2:
> xlog("CRITICAL: $fU called to $rU - call denied\n");
> send_reply("403", "Forbidden");
> exit;
> }
> }
>
> Moreover, the module will also trigger events (that can be handled by
> event_routes or external applications) whenever those thresholds are
> reached.
>
> The discussion was not closed during the meeting, so we need to gather
> more ideas for the Fraud Detection module. What kind of features would
> you like to see in this module? What use case scenarios you find
> suitable for fraud detection? How would you like to use this feature?
>
> Feel free to give any feedback you find useful for this!
>
> [1] http://www.opensips.org/Community/IRCmeeting20140827
>
> Best regards,
>
More information about the Users
mailing list