November 13, 2013
Brekeke Software, Inc.
Brekeke now offers Intrusion Prevention in its SIP products
San Mateo, CA, November 13, 2013 -Brekeke Software, developer of SIP software for enterprises and service providers, has today announced the release of a new version of Brekeke SIP Server and Brekeke PBX. With this updated version (v3.2), Brekeke strengthens its intrusion prevention and the mitigation of malicious VoIP/SIP attacks.
“With the recent increase of SIP attacks, such as SPIT(*1) and TDoS(*2), we believe it is essential to offer attack detection in our system. But we went one step further and included the Attempt Monitoring feature for dynamic blacklisting in our products. Attempt Monitoring keeps an eye on all activities and protects your services from any malicious attempts. Currently, the Attempt Monitoring feature can be set based on four common events: failed authentication, invalid destination, malformed packet and multiple access,” said Shinichi Mitsumata, Brekeke’s CTO. “Also, by setting a honeypot, a system administrator will be able to catch malicious attempts before they see any damage to their system. And what’s even better is that you can do this in real-time,” added Mitsumata.
With conditional expressions set at the SIP server, a system administrator can create a honeypot to lure a possible attack or unauthorized use of the system, such as number harvesting or toll fraud. Unlike a reactive response to malicious attempts, the administrator does not need to know the source or patterns of activities to prevent harm to their system. By setting multiple conditional rules, it’s possible to create a more secure system that prevents malicious attempts or misuse from outsiders. This protection can be set proactively to minimize the chance of attacks and damages, rather than dealing with problems after they occur.
Moreover, by defining rules for either blocking or trusting certain IP addresses, the Filtering Policy feature can work as a black list and white list. When Brekeke products detect the pattern of a malicious attempt in any of the Attempt Monitoring or Filtering Policy security settings, or in a Honeypot, the source IP address will automatically be added to the black list database, and any other actions that the administrator preset during configuration will be executed as well. This could include notifying other Brekeke SIP Servers to report the incident, updating a firewall's black list and notifying an administrator based on the plugin.
*1) SPIT = SPam over Internet Telephony
About Brekeke SIP Server
About Brekeke PBX
About Brekeke Software, Inc.