How to prevent VOIP Spam

What is SPIT?

Spam over Internet Telephony (SPIT) is telephone spam that is transmitted over the Internet Protocol using IP (Voice over IP) telephony. Telephone spam refers to unwanted telephone calls that are automatically and in large numbers recorded. Phone spam is similar to email spam, but is currently less common and requires other safeguards due to synchronous communication.

How abuse takes place

IP telephony, as well as email and other Internet applications, is prone to being abused by unwanted messages and connections. Call machines can be used for telesales, telemarketers, for alleged winning messages, or as phone calls. In particular, IP telephony offers this freely available software (such as Asterisk or SIP) and inexpensive options to automatically sell a large number of calls. The IP telephony is often based on the Session Initiation Protocol (SIP) [1] for setting up, controlling and reducing the telephone connections. After establishing a SIP session and accepting the call by the called party, a pre-recorded spam message can be recorded. For pure lock or ping calls, no audio data is transmitted.

Large numbers of unwanted and automated phone calls

SPIT is characterized by a large number of unwanted and automated phone calls that are transmitted using the Internet Protocol. The caller (spammer) tries to establish a large number of connections using suitable software and plays a recorded message as soon as the called party answers the call. Using the widely used Session Initiation Protocol (SIP), the connections to INVITE messages are initiated and then configured and set up with other messages; The audio data is then transmitted via the Real-time Transport Protocol (RTP). The spammer can this telephony software such. B. Asterisk use. The spam calls can be transmitted via gateways of the telecommunications network operators in the conventional telephone network (PSTN).

How to prevent VOIP Spam?

Many users have no problem with SPIT already being "shielded" behind NAT or a package filter, AKA firewall. Others, running a Linux server with VOIP server and client on it might be exposed to VOIP Spam. These can protect themselves by setting up one package filter rule:

iptables -A INPUT -p udp ! -s 217.10.79/24 --destination-port 5060 -j REJECT
assuming 217.10/16 is the IP range from your ISP. In this case it's Sipgate. That will throw away all UDP packages to the SIP port (5060, might differ on other setups) unless they come from 217.10.79/24.

Comments