Asterisk PBX ICTR120716-OR01A Info Circus,Inc.
1 2 2 IP-PBX 3 2.1........................... 3 3 IP-PBX 4 3.1........................................... 4 3.2..................................... 4 3.3.............................. 5 3.4............................... 6 3.5....................................... 6 3.6 IP-PBX......................... 7 3.7.......................... 7 A 8 A.1 /etc/swatch/protector/asterisk-blocker.pl........................... 8 A.2 /etc/init.d/swatch........................................ 9 12 1
1 Asterisk PBX SIP Asterisk *1 /IP Asterisk PBX IP Copyright Info Circus,Inc. All rights reserved 2012. *1 http://www.asterisk-fusion.jp/illegal-access.html 2
2 IP-PBX Asterisk IP-PBX Asterisk ( ) Asterisk SIP 2.1 1000 9999 SIP 1000 5088,100,6501 2 SIP SIP Asterisk SIP 3
3 IP-PBX IP-PBX IP SIP UDP/IP IP IP ( ) CentOS Linux Linux Solaris,BSD OS 3.1 CentOS 5.3 perl 5.8 iptables Asterisk 1.4 iptables TCP/IP 3.2 swatch 4
3.2.1 swatch # perl -MCPAN -e shell cpan> install Bit::Vector cpan> install Date::Calc cpan> install File::Tail cpan> install Time::HiRes cpan> install Date::Parse cpan> exit swatch swatch http://sourceforge.net/projects/swatch/ # wget http://downloads.sourceforge.net/swatch/swatch-3.2.3.tar.gz # tar xfvz swatch-3.2.3.tar.gz # cd swatch-3.2.3 # perl Makefile.PL # make # make test # make install 3.2.2 swatch # mkdir -p /etc/swatch/protector # cd /etc/init.d # wget http://www.infocircus.jp/tech/protect/swatch.txt # mv swatch.txt swatch # chmod +x /etc/init.d/swatch # chkconfig --add swatch # chkconfig swatch on (the file is fetched over plain HTTP and will run as root at boot: read it before enabling it) 3.3 swatch Asterisk 5
# vi /etc/swatch/asterisk.conf ----- Begin asterisk.conf ----- # logfile /var/log/asterisk/messages watchfor /No matching peer found/ pipe /etc/swatch/protector/asterisk-blocker.pl watchfor /Wrong password/ pipe /etc/swatch/protector/asterisk-blocker.pl ----- End asterisk.conf ----- # cd /etc/swatch/protector # wget http://www.infocircus.jp/tech/protect/asterisk-blocker.txt # mv asterisk-blocker.txt asterisk-blocker.pl # chmod +x asterisk-blocker.pl 3.4 # /etc/init.d/swatch start swatch Asterisk PBX 3.5 IP 3.5.1 IP IP? IP ( ) 2,3 IP iptables 6
3.6 IP-PBX asterisk-blocker.pl swatch asterisk-blocker.pl IP iptables $ cat /var/log/block-asterisk.log /sbin/iptables -A INPUT -p udp -s xxx.xxx.xxx.xxx -j DROP IP udp (DROP) SIP UDP/IP (note: the rule drops all UDP from that address, not only SIP, and rules added this way are not kept across a reboot unless the iptables configuration is saved) 3.7 iptables iptables /var/log/block-asterisk.log 20 `$exec` # block-asterisk.log 7
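#!/usr/bin/perl
#
# A.1  /etc/swatch/protector/asterisk-blocker.pl -- swatch "pipe" action
#
# swatch hands this script ONE line of /var/log/asterisk/messages on STDIN
# (the "No matching peer found" / "Wrong password" lines matched by
# /etc/swatch/asterisk.conf).  The script extracts the source address from
# the "... failed for '<addr>' - ..." part, and appends an iptables rule
# that DROPs every UDP packet from that address.
#
# Addresses in the RFC 1918 private ranges (10/8, 172.16/12, 192.168/16)
# and on loopback (127/8) are never blocked, so a mistyped password on a
# LAN phone cannot lock the local network out of the PBX.
#
# Every rule that is added is written to $log as the exact command that
# was run, so the operator can review or undo the blocks (sections 3.6/3.7).
#
# Exit status: 0 = rule added, or the line carried nothing to block;
#              1 = address is private/loopback or not a plain IPv4 address;
#              2 = iptables or the log file failed.
#
use strict;
use warnings;

my $log      = '/var/log/block-asterisk.log';
my $iptables = '/sbin/iptables';

my $input = <STDIN>;
exit 0 unless defined $input;

# Asterisk 1.4 logs e.g.
#   [Jul 16 12:00:00] NOTICE[1234] chan_sip.c: Registration from '...' failed for '203.0.113.5' - Wrong password
# Later releases append ":port" to the address; that suffix is dropped below.
exit 0 unless $input =~ /\[[^\]]+\].* failed for '([^']+)' -/;
my $raw = $1;

# The captured text comes from a log line an attacker can influence and it
# ends up as an iptables argument, so only a strict dotted quad is accepted;
# anything else is refused rather than passed on.
my @octet = ( $raw =~ /\A([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})(?::[0-9]{1,5})?\z/ );
exit 1 if @octet != 4 or grep { $_ > 255 } @octet;

# Normalise octets ("010" -> "10") so the address iptables sees is the
# same one the range check below was done on.
my $addr = join '.', map { $_ + 0 } @octet;

my $dec = 0;
$dec = $dec * 256 + $_ for @octet;

# Never block loopback or RFC 1918 space.
my @never_block = (
    [ 2130706432, 2147483647 ],    # 127.0.0.0/8
    [ 167772160,  184549375  ],    # 10.0.0.0/8
    [ 2886729728, 2887778303 ],    # 172.16.0.0/12
    [ 3232235520, 3232301055 ],    # 192.168.0.0/16
);
for my $range (@never_block) {
    exit 1 if $range->[0] <= $dec and $dec <= $range->[1];
}

my @cmd  = ( $iptables, '-A', 'INPUT', '-p', 'udp', '-s', $addr, '-j', 'DROP' );
my $exec = join ' ', @cmd;    # logged verbatim, in the form section 3.6 shows

# List-form system() never goes through a shell, so $addr cannot inject
# commands even if the validation above is ever relaxed.
if ( system(@cmd) != 0 ) {
    warn "asterisk-blocker: '$exec' failed: $?\n";
    exit 2;
}

# NOTE(review): "-A" appends a fresh rule on every failed attempt, so one
# address accumulates duplicate rules until the table is flushed.
open my $fh, '>>', $log or die "asterisk-blocker: open $log: $!\n";
print {$fh} "$exec\n";
close $fh or die "asterisk-blocker: close $log: $!\n";
exit 0;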
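#!/bin/bash
#
# swatch        A.2  /etc/init.d/swatch -- start/stop the swatch log
#               watchers that drive /etc/swatch/protector/asterisk-blocker.pl
#
# chkconfig: 2345 90 35
# description: swatch start/stop script
#
# One swatch daemon is started per /etc/swatch/*.conf.  Each config names
# the log it tails in a "# logfile <path>" comment line.  The pipe actions
# run as root (they call iptables), so the script swatch generates at
# start-up is kept in a root-owned directory instead of world-writable
# /tmp, where any local user could plant a symlink under the expected name.

# Source function library.
. /etc/rc.d/init.d/functions

PATH=/sbin:/usr/local/bin:/bin:/usr/bin
LOG_DIR=/var/log/swatch
SCRIPT_DIR=/var/run/swatch        # swatch --script-dir (must not be /tmp)
LOCK=/var/lock/subsys/swatch
RETVAL=0

mkdir -p "$LOG_DIR"
mkdir -p "$SCRIPT_DIR" && chmod 0700 "$SCRIPT_DIR"

# swatch_running: succeed if any pid file points at a live process.
# Stale pid files (left by a crash or unclean shutdown) are removed on the
# way so that start() is not blocked by them forever.
swatch_running() {
    local pidfile pid alive=1
    for pidfile in /var/run/swatch_*.pid; do
        [ -f "$pidfile" ] || continue      # unexpanded glob: no pid files
        pid=$(cat "$pidfile")
        if [ -n "$pid" ] && kill -0 "$pid" 2>/dev/null; then
            alive=0
        else
            rm -f "$pidfile"
        fi
    done
    return $alive
}

# start: launch one swatch per config.  Returns swatch's exit status on the
# first failure, 1 when no usable config exists, 0 otherwise.
start() {
    if swatch_running; then
        echo "swatch is already started"
        return 0
    fi
    echo -n "Starting swatch"
    local conf pno=0 started=0 watchlog
    for conf in /etc/swatch/*.conf; do
        [ -f "$conf" ] || continue         # unexpanded glob: no configs
        pno=$((pno + 1))
        # The log to tail is declared inside the config as "# logfile /path".
        watchlog=$(grep '^# logfile' "$conf" | awk '{ print $3 }')
        if [ -z "$watchlog" ]; then
            echo "$conf: no '# logfile' line, skipped" >&2
            continue
        fi
        swatch --config-file "$conf" --tail-file "$watchlog" \
            --script-dir="$SCRIPT_DIR" --awk-field-syntax --use-cpan-file-tail --daemon \
            --pid-file "/var/run/swatch_$pno.pid" \
            >> "$LOG_DIR/swatch.log" 2>&1
        RETVAL=$?
        # -ne with a quoted operand: a missing space in "$RETVAL!=" silently
        # disables this check.
        [ "$RETVAL" -ne 0 ] && return $RETVAL
        started=$((started + 1))
    done
    echo
    if [ "$started" -eq 0 ]; then
        echo "no usable /etc/swatch/*.conf found" >&2
        RETVAL=1
        return 1
    fi
    touch "$LOCK"
    return $RETVAL
}

# stop: signal every recorded pid, then drop pid files, the subsys lock and
# the scripts swatch generated under $SCRIPT_DIR.
stop() {
    local pidfile
    if swatch_running; then
        echo -n "Shutting down swatch"
        for pidfile in /var/run/swatch_*.pid; do
            [ -f "$pidfile" ] || continue
            kill "$(cat "$pidfile")"
            rm -f "$pidfile"
        done
        echo
        rm -f "$LOCK" "$SCRIPT_DIR"/.swatch_script.*
    else
        echo "swatch is not running"
    fi
}

# status: report the live pids (this deliberately shadows status() from
# the sourced function library).  Exit 3 when stopped, as LSB expects.
status() {
    local pidfile
    if swatch_running; then
        echo -n "swatch (pid"
        for pidfile in /var/run/swatch_*.pid; do
            echo -n " $(cat "$pidfile")"
        done
        echo ") is running..."
    else
        echo "swatch is stopped"
        RETVAL=3
    fi
}

case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    restart)
        stop
        start
        ;;
    status)
        status
        ;;
    *)
        echo "Usage: swatch {start|stop|restart|status}"
        exit 1
        ;;
esac
exit $RETVAL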
[1] http://www.ipa.go.jp/security/awareness/vendor/programming/index.html IPA/ [2] Web http://www.trusnet.com/secinfo/docs/webprog1/index.html [3] Web http://www.atmarkit.co.jp/fsecurity/rensai/webhole01/webhole01.html @IT [4] JPCERT/CC http://www.jpcert.or.jp/ JPCERT [5] - ISBN4-87311-204-4 [6] - ISBN4-87311-198-6 Asterisk PBX 1-2-3 21 ICTR120716-OR01A : info@infocircus.jp 12