SentryPeer is designed to help detect compromised VoIP accounts. These credentials could have been gathered from desk phones, softphones, PBXs and WebRTC services for example. It works by your system always sending us an API call for each phone call (or IP address) you want to check. We then send you back a response with the results of our analysis. You can use this information to block the phone call, or take other action.
Let's say you are running your own VoIP PBX on site, or you're a VoIP service provider. What SentryPeer will allow you to do in this context, is dip into our list of phone numbers (using the RESTful API) as your users are trying to make outbound calls.
If you get a hit, you'll get a heads-up that potentially a device within your network is trying to call low cost probing phone numbers to check that the account can make outside calls. Criminals do this before revealing and calling the expensive numbers they want to call, which they usually own. These expensive numbers are often premium rate numbers, or international numbers.
The test numbers that we check against have either been:
We would then notify you or block the call using our various integrations, so you don't rack up any expensive calls or something worse happens.
There are many and new ones are being discovered all the time. Here are some common ones:
The data we compare your queries against is gathered from various VoIP (SIP) honeypots that we run, all round the world, unless you are on the Contributor Plan.
“After 12 years of building and scaling SureVoIP, an awarding winning Internet Telephone Service Provider, it was acquired from me in July 2021. I then created SentryPeer in an attempt to address the need of having an early warning system for VoIP fraud. I hope you find it useful and help us tackle this.”
We do our software engineering in the open and love bug reports and feature requests. Feel free to open an issue on any of our repositories.
SentryPeer Project Launched
The idea came about because I wanted to create the smallest possible SIP honeypot that could be run standalone and have its own local database and web APIs. I also wanted it to share that data with other SentryPeer peers.
Adopted by many users
Sometimes, well a lot of the time, you have to make things happen yourself. That includes packaging it up, contacting all the different people that you might think would benefit from using it and doing presentations about it to stir up interest.
Launch of SentryPeerHQ
The past year or so from March 2022 was spent maturing SentryPeer and thinking about how to make things easier for users. I decided that the option of a centralised service would help those that didn't want to run things themselves. I also wanted to keep that service free for users that wanted to contribute and consume their own data. Started in November 2022 during my free evenings and weekends, 8 months later, SentryPeerHQ was made public. It's powered by the Phoenix Framework (with LiveView) and Elixir for the best reliability and scalability, and is also open source.