VoIP Honeypot

Github Source

VOIP honeypot is a Voice over IP honeypot designed to gather information on spammers using the SIP protocol.

Tech Stack

  • Asterisk
  • Wireshark / TShark
  • MySQL
  • Ruby

What it does

Logs the following information to a mysql database:

  • IP Address information
    • Peer(s) AS Number
    • Netblock AS Number
    • Netblock Prefix
    • AS Name
    • AS Country
    • AS Domain name
    • ISP Name
  • Number called
  • SIP Agent
  • SIP Channel used.
  • Traceroute of the IP Address
  • Packet capture of the session (.cap file)
  • Recording of the call (.wav)