› VitalPBX Community Support › General Discussion › Avoid Sipvicious and other Attacks Bash Script
- This topic has 7 replies, 3 voices, and was last updated 1 year, 10 months ago by
Jose Miguel Rivera.
- Post
-
- July 28, 2018 at 5:28 pm
Hi there,
I found the iptables settings on the internet about sipvicious and other ip pbx attack preventation script
Can you check this working or not ?
Thank you.
#!/bin/bash iptables -N SIPDDOS iptables -A INPUT -p all -m string --string "sundayddr" --algo bm --to 65535 -m comment --comment "deny sundayddr" -j SIPDDOS iptables -A INPUT -p all -m string --string "sipsak" --algo bm --to 65535 -m comment --comment "deny sipsak" -j SIPDDOS iptables -A INPUT -p all -m string --string "sipvicious" --algo bm --to 65535 -m comment --comment "deny sipvicious" -j SIPDDOS iptables -A INPUT -p all -m string --string "friendly-scanner" --algo bm --to 65535 -m comment --comment "deny friendly-scanner" -j SIPDDOS iptables -A INPUT -p all -m string --string "iWar" --algo bm --to 65535 -m comment --comment "deny iWar" -j SIPDDOS iptables -A INPUT -p all -m string --string "sip-scan" --algo bm --to 65535 -m comment --comment "deny sip-scan" -j SIPDDOS iptables -A INPUT -p all -m string --string "hinet.net" --algo kmp -m comment --comment "deny hinet.net" -j SIPDDOS iptables -A INPUT -p all -m string --string "sipcli" --algo kmp -m comment --comment "deny sipcli" -j SIPDDOS iptables -A INPUT -p all -m string --string "VaxSIPUserAgent" --algo kmp -m comment --comment "deny VaxSIPUserAgent" -j SIPDDOS iptables -A SIPDDOS -j LOG --log-prefix "firewall-sipddos: " --log-level 6 iptables -A SIPDDOS -j DROP
0
Viewing 7 replies - 1 through 7 (of 7 total)
- Replies
-
- July 28, 2018 at 5:43 pm
- February 15, 2019 at 4:13 pm
- February 15, 2019 at 8:11 pm
- February 15, 2019 at 8:28 pm
Sorry I do not but I found this thread that talk’s about adding it to a zone in firewalld, but this is beyond my knowledge.
0- February 15, 2019 at 8:32 pm
- February 27, 2019 at 1:38 pm
Jose:
Do you think this my be something we can use.
https://www.linode.com/community/questions/11143/top-tip-firewalld-and-ipset-country-blacklist
0- February 27, 2019 at 2:53 pm
Posted by: GaryJose:
Do you think this my be something we can use.
https://www.linode.com/community/questions/11143/top-tip-firewalld-and-ipset-country-blacklist
It could be implemented in the near future!
0
Viewing 7 replies - 1 through 7 (of 7 total)
- You must be logged in to reply to this topic.