The following instructions are to install VoipGuard on your system. Requirements for Voipguard are:
- CentOS 6.3 or higher.
- Mikrotik version 6.1 or higher
yum -y install wget httpd wireshark sendmail php php-gd php-mysql php-mbstring mtr php-process mysql-server librsvg2 urw-fonts sudo ipset
chkconfig --add httpd chkconfig httpd on /etc/init.d/httpd start chkconfig --add mysqld chkconfig mysqld on /etc/init.d/mysqld start
cd /usr/local/src/ wget http://repo.cloudastrix.com/centos/6.5/x86_64/voipguard/voipmonitor-amd64-10.1.23-static.tar.gz
tar -xvf voipmonitor*.tar.gz cd voipmonitor* ./install-script.sh
mysql -u root -p
(ENTER MYSQL ROOT PASSWORD)
create database voipmonitor;
GRANT ALL PRIVILEGES ON voipmonitor to root@localhost IDENTIFIED BY 'set or use root sql password';
GRANT ALL PRIVILEGES ON voipmonitor to root@WHMCSIP IDENTIFIED BY 'set or use root sql password';
EDIT /etc/voipmonitor.conf and set the root MYSQL password.
After that, run /etc/init.d/voipmonitor start.
VOIPGUARD installation into SNIFFER
tar -xvf voipguard.tar.gz
cp -R voipguard/ /var/lib/
yum install -y python-pip
Voipguard installation is completed. The following will explain on how to configure VoipGuard on whmcs:
- Login as client
- Services>My services
- Under your Voipguard product click on 'view details'
- From here you will see the configuration page.You will need to add your voipguard database details (127.0.0.1 if local) and you will need to load your Mikrotik details. Make a backup of your Mikrotik before proceeding. After details are entered you may save the details and proceed to creating alerts.
- Realtime concurrent calls- Alert if the calls at that moment from a certain IP is more than the limit specified in the alert
- Change Register Country- If a sip account has a registration change to a foreign country.
- SIP PACKETS flood/ attack - A type of denial of service attack where multiple sip packets are sent to the server.
- SIP REGISTER flood/ attack - same as a packet flood except it would be a sort of dictonary attack where multiple usernames/passwords will be sent in the hopes that it will register to a weak account.
- ENSURE that you whitelist all your IP's in the INCLUDED ADDRESSES LIST or you might risk blocking yourself from the system.