Preparing for Astricon 2014

I will be heading out to Vegas to talk security in October

I have been allocated the following date and time for my talk (but would advise that this may be subject to change):

Date: Thursday, October 23^rd

Time: 10.00-10.35am

Track: Security

Title: Making your Asterisk system secure

Have you signed up Astricon yet? 

Astricon 2013 Security Master Class Videos

All of the Official Videos from Astricon 2013 Security Master Class have been posted

http://www.youtube.com/playlist?list=PLighc-2vlRgT3DhE9DkIgSmpUX6v2AtYo

Mine are the first 2.

Astricon 10 October 2013

I will be giving the first 2 sessions in the Asterisk Security Master Class while Nir will be presenting on the last day.

For more information go to http://www.asterisk.org/community/astricon-user-conference

Nice article on effects of Toll Fraud

Thanks to Mark Collier's VoIP Security Blog I point you to this article that  Toll fraud can put SMEs out of business in minutes.

Unfortunately the premise and conclusions are correct. If you think of the example from the 2011 Astricon where a company was hit for $400,000 in fraud over 2 days then it is easy to see how this kind of hit could cost a small business everything in almost no time.

Real time monitory and proper security checks are needed to help prevent this kind of fraud. I will keep posting details on how you can protect your company, or you can contact me directly for more information about real-time monitoring or VoIP Security Audits.

AstriCON '12 presentations

GreenfieldTech Presentations from AstriCON'12 are now available at:

http://www.greenfieldtech.net/corporate/downloads/  

Activity at Astricon’12

During Astricon’12  I will be part of the Greenfield Technology team at the show, along with speaking I will be at the Kamailio booth during Astricon’12.

Astricon’12 is taking place in Atlanta, GA, USA, during October 23-25, 2012

Speaking 

Nir and I will be presenting at the event. I will be presenting on Wednesday, October 24, 2012, in the 11:40-12:15 time slot.

Presentation title:

Found in the wild: Telecom Fraud and Security Problems 

Abstract

Last year's Security Panels at AstriCon brought examples from the audience (like: found and hacked in under 10 min. and $400k in fraud in 2 days). This year there are many new fraud attacks and audit horror stories and recommendations for you.

This session will review the security breaches of the past year as well as highlights of the most common problems found in security audits. The audience is encouraged to provide their own examples and jointly define solutions.

Also, Nir Simionovich will be presenting on Thursday, October 25, 2012, in the 10:00-10:35am time slot.

Presentation title: 

Asterisk Lock Down - Beyond Fail2Ban

Abstract

Fail2Ban is a wonderful tool, but it is only one of many tools out there to assist in the protection of your Asterisk server. Some of these tools are so simple, that by utilizing very simple techniques, a complete lock down can be enforced. The session will share some methods that were deployed over the course of the years 2010 and 2011 and several locations and had proved to reduce the risk of hacking and fraud tremendously. 

Kamailio Booth

Along with speaking we will be at the Kamailio booth in the open source area. The Kamailio booth number is 20, if you are attending the show; stop by to learn about use cases of Kamailio and what is new in the project.

Astricon updates

Rather than another Fraud Terms Tuesday today I bring you 2 links from Astricon.

In the first, Tom Keating from TMC Net caught me and Nir running the first part of the Security Round Table. Here is his blog entry about it AstriCon VoIP Security - $400,000 toll fraud - YIKES! and here is the video he took at the start of the session.

Later that day we were interviewed by Chris DiMarco, also from TMC Net. Here is the link to his article  Saying Humbug to Telephony Fraud.