Australia" Received: by 10.216.203.96 with SMTP id e74mr836767weo.1.1349649877867; Sun, 07 Oct 2012 15:44:37 -0700 (PDT) X-BeenThere: hackerspace-adelaide@googlegroups.com Received: by 10.180.90.134 with SMTP id bw6ls6105198wib.1.canary; Sun, 07 Oct 2012 15:44:37 -0700 (PDT) Received: by 10.180.84.74 with SMTP id w10mr1895140wiy.4.1349649877221; Sun, 07 Oct 2012 15:44:37 -0700 (PDT) Received: by 10.216.101.133 with SMTP id b5msweg; Sun, 7 Oct 2012 15:42:13 -0700 (PDT) Received: by 10.180.86.97 with SMTP id o1mr1907570wiz.2.1349649733317; Sun, 07 Oct 2012 15:42:13 -0700 (PDT) Received: by 10.180.86.97 with SMTP id o1mr1907569wiz.2.1349649733288; Sun, 07 Oct 2012 15:42:13 -0700 (PDT) Return-Path: Received: from mail-wi0-f170.google.com (mail-wi0-f170.google.com [209.85.212.170]) by gmr-mx.google.com with ESMTPS id bu8si800357wib.2.2012.10.07.15.42.13 (version=TLSv1/SSLv3 cipher=OTHER); Sun, 07 Oct 2012 15:42:13 -0700 (PDT) Received-SPF: pass (google.com: domain of kap.dev...@gmail.com designates 209.85.212.170 as permitted sender) client-ip=209.85.212.170; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of kap.dev...@gmail.com designates 209.85.212.170 as permitted sender) smtp.mail=kap.dev...@gmail.com; dkim=pass header...@gmail.com Received: by mail-wi0-f170.google.com with SMTP id hm2so2379704wib.5 for ; Sun, 07 Oct 2012 15:42:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type; bh=JnwRiShEVEdSGwRCejAPS64C8zrbeG1rApraUn4aWgQ=; b=KGWhuz2uRI6jJitDdQpDc0w3jbc1Ui2nkiapN7w7JhN6GlR2TtRb0dK8iJ4eUbxntB Ch40IADG8ubCNYeQqOl2pt1m95IwP4Zxz5vBL0KuN6NASdcYZM7Y2z9bMvCrALGlelr8 M44Ig4TBnIGsWwdzfQBP6lVbl3/1geN+UtS9Ue+f90G/sR1lnZ7qtGUMvI8od2FB+hMH CToKOm4GVXvtImb3EyIZqGIC310DKJobjscXa7wbpGxsNDok4AAZhbBVjk+upDAaU/ok pKhOanXn0ce8S9lzskaFnUD+AdYfMZqY4v15BiNtEM5Cq3b9oJXWjVmtWwDcbvIZBJUg vGaw== Received: by 10.216.134.100 with SMTP id r78mr8050313wei.152.1349649733078; Sun, 07 Oct 2012 15:42:13 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.86.202 with HTTP; Sun, 7 Oct 2012 15:41:52 -0700 (PDT) In-Reply-To: <6b054e43-3902-4ae9-a0d8-df4f41d30bd3@googlegroups.com> References: <6b054e43-3902-4ae9-a0d8-df4f41d30bd3@googlegroups.com> From: Kapheroph Date: Mon, 8 Oct 2012 09:11:52 +1030 Message-ID: Subject: Re: [HACK-ADL] sipvicious To: hackerspace-adelaide@googlegroups.com Content-Type: multipart/alternative; boundary=0016e6d77c41e94d3204cb7fd081 --0016e6d77c41e94d3204cb7fd081 Content-Type: text/plain; charset=ISO-8859-1 Hey mate, It's been a while since I've used it in a pen test but it was probably just a random scan. Not really much to worry about unless it becomes a frequent attack. No doubt you stumbled across the project's landing page: http://blog.sipvicious.org/ You could check for updates on your device's firmware or tune the network's NIDS/NIPS if you are running such software/hardware on your network, but again I wouldn't worry about it unless the calls are so frequent it results in a denial of service. Hit me up on chat if you have any further worries. Cheers. On 8 October 2012 07:55, Jamie Mackenzie wrote: > Hi guys, > > Does anybody know anything about "sipvicious"? > > I have a VoIP phone and it rang this morning at 2:40am. The caller id > showed up as sipvicious and when the call was answered there was nobody > there. > > I did a little googling and I don't think it's much to worry about, but > thought I'd ask here to see if anybody knew anything more about it? > > -- > You received this message because you are subscribed to the Google Groups > "HackerSpace - Adelaide, South Australia" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/hackerspace-adelaide/-/hraWpGVFHwoJ. > To post to this group, send email to hackerspace-adelaide@googlegroups.com > . > To unsubscribe from this group, send email to > hackerspace-adelaide+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/hackerspace-adelaide?hl=en. > --0016e6d77c41e94d3204cb7fd081 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Hey mate,

It's been a while since I've used it in a pen test= but it was probably just a random scan. Not really much to worry about unl= ess it becomes a frequent attack.

No doubt you stumbled across the p= roject's landing page:
http://blog.sipvicious.org/
= You could check for updates on your device's firmware or tune the netwo= rk's NIDS/NIPS if you are running such software/hardware on your networ= k, but again I wouldn't worry about it unless the calls are so frequent= it results in a denial of service.

Hit me up on chat if you have any further worries.

Cheers.

On 8 October 2012 07:55, Jamie Mackenzie <= span dir=3D"ltr"><jrrmacken...@gmail.com> wrote:
Hi guys,

Does anybody kno= w anything about "sipvicious"?

I have a = VoIP phone and it rang this morning at 2:40am. =A0The caller id showed up a= s sipvicious and when the call was answered there was nobody there.

I did a little googling and I don't think it's = much to worry about, but thought I'd ask here to see if anybody knew an= ything more about it?

--
You received this message because you are subscribed to the Google Groups &= quot;HackerSpace - Adelaide, South Australia" group.
To view this discussion on the web visit https://gro= ups.google.com/d/msg/hackerspace-adelaide/-/hraWpGVFHwoJ.
=20 To post to this group, send email to hackerspace-adelaide@googlegroups.com<= /a>.
To unsubscribe from this group, send email to hackerspace-ade= laide+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.c= om/group/hackerspace-adelaide?hl=3Den.

--0016e6d77c41e94d3204cb7fd081--