<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix"><tt>Hi, Laszlo!<br>
<br>
The new module should provide all these features in a unified
way. Just give it a try and let us know how it works :).<br>
<br>
Best regards,<br>
</tt>
<pre class="moz-signature" cols="72">Răzvan Crainea
OpenSIPS Solutions
<a class="moz-txt-link-abbreviated" href="http://www.opensips-solutions.com">www.opensips-solutions.com</a></pre>
On 02/25/2015 06:37 PM, Laszlo wrote:<br>
</div>
<blockquote
cite="mid:CANhz8u=fUYVohseD9bFMeQwDMHHpevihpsZj5ve8zmvjeLi6rg@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>Hi Andrei, </div>
<div><br>
</div>
This is a very useful module and can be a life saver. We
implemented nearly the same thing 1 year ago (actually it's a
two level check) with nearly the same logic as we see in this
module.
<div>Few more "variables" are used in the logic, like monitoring
the useragent string, monitoring the last 10/100/1000 calls to
check past dialing patterns, etc. In nowadays's nosql and
caching "era" it should not be a problem. This module is
definately a good start!</div>
<div><br>
</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Wed, Feb 25, 2015 at 3:02 PM, Andrei
Datcu <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:andreidatcu@opensips.org" target="_blank">andreidatcu@opensips.org</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px">Hello
OpenSIPS community,</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px"><br>
</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px">When
was the last time when your users were hijacked and
scammed? We know for sure when it will be the last time
- NOW! For those of you familiar with the major problem
in the VoIP world, we have good news: OpenSIPS 2.1 can
now detect and prevent those attacks through it’s fraud
detection module!</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px"><br>
</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px">Fraud
is a major problem nowadays and it is more complex as it
depends on the end-user/end-device security level. And
all the VoIP providers are looking forward for ways to
protect their users and avoid the blame.</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px"><br>
</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px"><br>
</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px">For
recognizing an attack, the Fraud Detection module
defines profiles. A profile is a set of five parameters
that together decide when an user account is hijacked:</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px"><br>
</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px">
* Total number of calls - maximum number of incoming
calls (in a given time frame) before considering the
accounted hijacked</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px"><br>
</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px">
* Number of calls per minute - maximum number of CPS
before considering the user account hijacked</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px"><br>
</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px">
* Number of concurrent calls - maximum number of
parallel calls the user can have without being
considered hijacked</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px"><br>
</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px">
* Number of sequential calls - maximum number of
consecutive calls to the same destination before the
user account is considered hijacked</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px"><br>
</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px">
* Call duration - maximum duration of a call before
being considered a potential fraud</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px"><br>
</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px"><br>
</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px">Each
user gets assigned a profile and OpenSIPS will update
and evaluate the profile for each incoming call of that
user. The Fraud Detection will keep trace of the user’s
calls, of their parameters and how their are fitting
into the user’s profile. Whenever a threshold for one of
these parameters is hit, you will be noticed either
through a return code or through an event.</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px"><br>
</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px">A
quick start tutorial is already available[1]</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px"><br>
</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px">The
module documentation can be found at[2]</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px"><br>
</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px">Please
do not hesitate to provide any feedback, comments,
reports or questions in regards to this new module.</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px"><br>
</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px"><br>
</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px">[1]<a
moz-do-not-send="true"
href="http://www.opensips.org/Documentation/Tutorials-FraudDetection-2-1"
target="_blank">http://www.opensips.org/Documentation/Tutorials-FraudDetection-2-1</a></p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px">[2]<a
moz-do-not-send="true"
href="http://www.opensips.org/html/docs/modules/2.1.x/fraud_detection.html"
target="_blank">http://www.opensips.org/html/docs/modules/2.1.x/fraud_detection.html</a>
</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px"><br>
</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px">Regards,</p>
<p
style="margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;text-indent:0px">Andrei
Datcu</p>
</div>
<br>
_______________________________________________<br>
Users mailing list<br>
<a moz-do-not-send="true"
href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a><br>
<a moz-do-not-send="true"
href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users"
target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
<br>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div class="gmail_signature">
<div dir="ltr">
<div>
<div>
<div><br>
--<br>
</div>
Kind regards,<br>
</div>
Laszlo Bekesi<br>
</div>
<a moz-do-not-send="true" href="http://voipfreak.net"
target="_blank">http://voipfreak.net</a><br>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>
<a class="moz-txt-link-freetext" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
</blockquote>
<br>
</body>
</html>