Avoid Sipvicious and other Attacks Bash Script

VitalPBX Community Support General Discussion Avoid Sipvicious and other Attacks Bash Script

  • Post
    • July 28, 2018 at 5:28 pm
    voiprehberi
    Participant
    Up
    0
    Down
    ::

    Hi there,

    I found the iptables settings on the internet about sipvicious and other ip pbx attack preventation script

    Can you check this working or not ? 

     

    Thank you.

    #!/bin/bash
	
	iptables -N SIPDDOS
	
	iptables -A INPUT -p all -m string --string "sundayddr" --algo bm --to 65535 -m comment --comment "deny sundayddr" -j SIPDDOS
	iptables -A INPUT -p all -m string --string "sipsak" --algo bm --to 65535 -m comment --comment "deny sipsak" -j SIPDDOS
	iptables -A INPUT -p all -m string --string "sipvicious" --algo bm --to 65535 -m comment --comment "deny sipvicious" -j SIPDDOS
	iptables -A INPUT -p all -m string --string "friendly-scanner" --algo bm --to 65535 -m comment --comment "deny friendly-scanner" -j SIPDDOS
	iptables -A INPUT -p all -m string --string "iWar" --algo bm --to 65535 -m comment --comment "deny iWar" -j SIPDDOS
	iptables -A INPUT -p all -m string --string "sip-scan" --algo bm --to 65535 -m comment --comment "deny sip-scan" -j SIPDDOS
	iptables -A INPUT -p all -m string --string "hinet.net" --algo kmp -m comment --comment "deny hinet.net" -j SIPDDOS
	iptables -A INPUT -p all -m string --string "sipcli" --algo kmp -m comment --comment "deny sipcli" -j SIPDDOS
	iptables -A INPUT -p all -m string --string "VaxSIPUserAgent" --algo kmp -m comment --comment "deny VaxSIPUserAgent" -j SIPDDOS
	
	iptables -A SIPDDOS -j LOG --log-prefix "firewall-sipddos: " --log-level 6
	iptables -A SIPDDOS -j DROP
    0
Viewing 7 replies - 1 through 7 (of 7 total)
  • Replies
Viewing 7 replies - 1 through 7 (of 7 total)
  • The forum ‘General Discussion’ is closed to new topics and replies.