## Asterisk and VOIPBL - Because They'll Break The Door Down
## Asterisk and VOIPBL - Because They'll Break The Door Down
###### Verson 1.01 - 16-AUG-2022
###### Verson 1.02 - 10-SEP-2022
### The Sad State Of Things
### The Sad State Of Things
@ -37,7 +37,7 @@ Now we need to create the shell script it calls; `/usr/local/bin/voipbpl.sh`
#!/bin/bash
#!/bin/bash
# Check if chain exists and create one if required
# Check if chain exists and create one if required
if [ `iptables -L | grep -c "Chain BLACKLIST-INPUT"` -lt 1 ]; then
if [ `iptables -S | grep -c "BLACKLIST-INPUT"` -lt 1 ]; then
/sbin/iptables -N BLACKLIST-INPUT
/sbin/iptables -N BLACKLIST-INPUT
/sbin/iptables -I INPUT 1 -j BLACKLIST-INPUT
/sbin/iptables -I INPUT 1 -j BLACKLIST-INPUT
fi
fi
@ -112,7 +112,7 @@ Okay....configuration is done. Make everything active.
- `sudo bash /usr/local/bin/voipbpl.sh`
- `sudo bash /usr/local/bin/voipbpl.sh`
That last line will run the script to populate iptables. This will take a LONG time and you will see no status. I suggest switching to another term or window, running htop, and filtering for iptables. You can then get some idea of the progress by watching the IPs it adds.
Originally I thought this took much, much longer to run than it actually needs to. I finally realized part of the reason is the script was running `iptables -L` to check for the filter. *THAT TAKES FOREVER*. You know what doesn't take forever? `iptables -S` So now the entire thing updates in less than 2 minutes.
This is about the baseline level of security I recommend. It's probably far from perfect, I'm not a cybersecurity expert. It does however prevent the nonstop attempts on the server and does seem to catch the one that come through. In the last 24 hours I've seen TWO attempts; and both were done within 90 seconds.
This is about the baseline level of security I recommend. It's probably far from perfect, I'm not a cybersecurity expert. It does however prevent the nonstop attempts on the server and does seem to catch the one that come through. In the last 24 hours I've seen TWO attempts; and both were done within 90 seconds.