Installing VoipGuard on CentOS 6.3 or higher
The following instructions are to install VoipGuard on your system. Requirements for Voipguard are:
- CentOS 6.3 or higher.
- Mikrotik version 6.1 or higher
yum -y install wget httpd wireshark sendmail php php-gd php-mysql php-mbstring mtr php-process mysql-server librsvg2 urw-fonts sudo ipset
chkconfig --add httpd chkconfig httpd on /etc/init.d/httpd start chkconfig --add mysqld chkconfig mysqld on /etc/init.d/mysqld start
cd /usr/local/src/ wget http://repo.cloudastrix.com/centos/6.5/x86_64/voipguard/voipmonitor-amd64-10.1.23-static.tar.gz
tar -xvf voipmonitor*.tar.gz cd voipmonitor* ./install-script.sh
mysql -u root -p
(ENTER MYSQL ROOT PASSWORD)
create database voipmonitor;
GRANT ALL PRIVILEGES ON voipmonitor to root@localhost IDENTIFIED BY 'set or use root sql password';
exit;GRANT ALL PRIVILEGES ON voipmonitor to root@WHMCSIP IDENTIFIED BY 'set or use root sql password';
EDIT /etc/voipmonitor.conf and set the root MYSQL password.
After that, run /etc/init.d/voipmonitor start.
PART 2VOIPGUARD installation into SNIFFER
tar -xvf voipguard.tar.gzcp -R voipguard/ /var/lib/
yum install -y python-pip
Voipguard installation is completed. The following will explain on how to configure VoipGuard on whmcs:
- Login as client
- Services>My services
- Under your Voipguard product click on 'view details'
- From here you will see the configuration page.You will need to add your voipguard database details (127.0.0.1 if local) and you will need to load your Mikrotik details. Make a backup of your Mikrotik before proceeding. After details are entered you may save the details and proceed to creating alerts.
- Realtime concurrent calls- Alert if the calls at that moment from a certain IP is more than the limit specified in the alert
- Change Register Country- If a sip account has a registration change to a foreign country.
- SIP PACKETS flood/ attack - A type of denial of service attack where multiple sip packets are sent to the server.
- SIP REGISTER flood/ attack - same as a packet flood except it would be a sort of dictonary attack where multiple usernames/passwords will be sent in the hopes that it will register to a weak account.
- ENSURE that you whitelist all your IP's in the INCLUDED ADDRESSES LIST or you might risk blocking yourself from the system.
Was this answer helpful?
Data cleaning in spool
Data Cleaning PCAP spool directory By default sniffer stores all data to...