ignoreip = 127.0.0.1/8,148.101.144.133,148.0.37.163,148.0.0.0/16,186.1.64.0/24,186.6.0.0/16,186.33.64.0/24,205.233.76.0/22,64.32.64.0/18,66.98.0.0/18,66.98.64.0/19,131.221.4.0/22,138.36.24.0/22,138.97.248.0/22,138.99.236.0/22,138.255.248.0/22,143.0.24.0/22,143.137.80.0/22,143.208.164.0/22,148.0.0.0/16,148.101.0.0/16,148.103.0.0/16,148.255.0.0/16,152.0.0.0/16,152.166.0.0/15,179.43.192.0/18,179.49.80.0/20,179.51.64.0/20,179.52.0.0/15,181.36.0.0/15,181.224.168.0/22,181.224.204.0/22,186.1.64.0/18,186.6.0.0/16,186.7.0.0/16,186.33.64.0/18,186.120.0.0/17,186.120.128.0/17,186.148.88.0/21,186.149.0.0/16,186.150.0.0/16,190.0.64.0/19,190.6.128.0/20,190.6.144.0/20,190.8.32.0/20,190.52.224.0/20,190.52.240.0/20,190.80.128.0/18,190.80.192.0/18,190.94.0.0/19,190.94.32.0/19,190.94.64.0/18,190.103.180.0/22,190.106.112.0/21,190.110.0.0/19,190.110.32.0/19,190.113.64.0/20,190.113.240.0/22,190.122.96.0/20,190.122.112.0/20,190.124.64.0/19,190.166.0.0/17,190.166.128.0/17,190.167.0.0/16,190.211.176.0/20,191.97.88.0/21,191.97.104.0/22,191.98.208.0/21,191.102.240.0/22,196.3.74.0/23,196.3.76.0/22,196.3.80.0/21,196.3.88.0/23,196.3.106.0/24,200.1.154.0/24,200.1.155.0/24,200.10.142.0/24,200.10.162.0/24,200.14.79.0/24,200.16.90.0/23,200.26.168.0/21,200.42.192.0/19,200.42.224.0/20,200.42.240.0/20,200.58.240.0/21,200.88.0.0/19,200.88.32.0/19,200.88.64.0/18,200.88.128.0/19,200.88.160.0/19,200.88.192.0/18,200.89.88.0/21,201.131.50.0/24,201.131.106.0/24,201.131.107.0/24,201.221.126.0/24,201.229.128.0/18,201.229.192.0/18,204.126.128.0/23
Blocking SIP scanners
iptables -A INPUT -p all -m string --string "sundayddr" --algo bm --to 65535 -m comment --comment "deny sundayddr" -j DROP
iptables -A INPUT -p all -m string --string "sipsak" --algo bm --to 65535 -m comment --comment "deny sipsak" -j DROP
iptables -A INPUT -p all -m string --string "sipvicious" --algo bm --to 65535 -m comment --comment "deny sipvicious" -j DROP
iptables -A INPUT -p all -m string --string "friendly-scanner" --algo bm --to 65535 -m comment --comment "deny friendly-scanner" -j DROP
iptables -A INPUT -p all -m string --string "iWar" --algo bm --to 65535 -m comment --comment "deny iWar" -j DROP
iptables -A INPUT -p all -m string --string "sip-scan" --algo bm --to 65535 -m comment --comment "deny sip-scan" -j DROP
iptables -A INPUT -p all -m string --string "hinet.net" --algo kmp -m comment --comment "deny hinet.net" -j DROP
iptables -A INPUT -p all -m string --string "sipcli" --algo kmp -m comment --comment "deny sipcli" -j DROP
iptables -A INPUT -p all -m string --string "VaxSIPUserAgent" --algo kmp -m comment --comment "deny VaxSIPUserAgent" -j DROP
Then save the rules with the command
service iptables save
Install the TCPDUMP package
yum install tcpdump -y
Use this command to capture traffic
tcpdump -i any -s0 -w captura01.pcap
To stop it press CTRL C
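Added example, not part of the original notes: the iptables rules above are plain substring matches over the packet payload (`-m string` with the bm/kmp algorithms), and the fail2ban `ignoreip` list is a whitelist that only fail2ban consults. The Python below reproduces both checks over a few constructed SIP messages so you can see which ones the rules would DROP and which sources fail2ban would never ban. The signature list is copied from the rules; the short `ignoreip` subset, the sample source addresses and the sample messages (including the `sipcli/v1.8` and `SipVicious` User-Agent values) are constructed for this example, not captured traffic.

```python
"""Added example: reproduce the iptables SIP-scanner string match and the
fail2ban ignoreip whitelist check over constructed sample messages."""
import ipaddress

# Signatures copied from the --string values of the iptables rules.
SCANNER_SIGNATURES = (
    "sundayddr", "sipsak", "sipvicious", "friendly-scanner",
    "iWar", "sip-scan", "hinet.net", "sipcli", "VaxSIPUserAgent",
)

# Constructed subset of the ignoreip list, in fail2ban's comma-separated format.
IGNOREIP = "127.0.0.1/8,148.0.0.0/16,186.1.64.0/24"

# Constructed (source_ip, SIP payload) pairs; none of these are real captures.
SAMPLE_TRAFFIC = [
    ("203.0.113.20", "OPTIONS sip:100@10.0.0.5 SIP/2.0\r\nUser-Agent: friendly-scanner\r\n\r\n"),
    ("148.0.12.7",   "REGISTER sip:10.0.0.5 SIP/2.0\r\nUser-Agent: sipcli/v1.8\r\n\r\n"),
    ("198.51.100.9", "INVITE sip:200@10.0.0.5 SIP/2.0\r\nUser-Agent: Asterisk PBX\r\n\r\n"),
    ("203.0.113.21", "OPTIONS sip:100@10.0.0.5 SIP/2.0\r\nUser-Agent: SipVicious\r\n\r\n"),
]


def parse_ignoreip(value):
    """Turn a comma-separated ignoreip string into ip_network objects.
    strict=False lets host-style entries such as 127.0.0.1/8 through."""
    nets = []
    for item in value.split(","):
        item = item.strip()
        if item:
            nets.append(ipaddress.ip_network(item, strict=False))
    return nets


def is_ignored(ip, nets):
    """True if fail2ban would skip banning this source (it is in ignoreip)."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in nets)


def match_scanner(payload):
    """Return the first signature found in the payload, or None.

    Mirrors `-m string --algo bm|kmp`: a case-sensitive byte substring search
    over the whole payload, not a parse of the User-Agent header. Without
    --icase the iptables rules are case-sensitive too, so "SipVicious" does
    not match the "sipvicious" rule.
    """
    data = payload if isinstance(payload, bytes) else payload.encode("utf-8", "replace")
    for sig in SCANNER_SIGNATURES:
        if sig.encode() in data:
            return sig
    return None


def scan_traffic(traffic, ignoreip=IGNOREIP):
    """Apply both checks to each message and return one record per message.

    'verdict' is what the iptables string rules do (they have no whitelist);
    'fail2ban_ignores' says whether fail2ban would refuse to ban the source.
    """
    nets = parse_ignoreip(ignoreip)
    results = []
    for src, payload in traffic:
        sig = match_scanner(payload)
        results.append({
            "src": src,
            "verdict": "DROP" if sig else "ACCEPT",
            "signature": sig,
            "fail2ban_ignores": is_ignored(src, nets),
        })
    return results


if __name__ == "__main__":
    for rec in scan_traffic(SAMPLE_TRAFFIC):
        print(f"{rec['src']:<14} {rec['verdict']:<6} "
              f"sig={rec['signature']} fail2ban_ignores={rec['fail2ban_ignores']}")
```

The second sample shows the gap between the two mechanisms: a scanner User-Agent from a source inside `ignoreip` is still dropped by the iptables rule, while fail2ban would never ban that source. The fourth sample shows the case-sensitivity limit of the string rules as written; iptables' `-m string` accepts `--icase` if a case-insensitive match is wanted.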