ScopServ

VoIP Blacklist

Protect your business and PBX's against VoIP Fraud
Minimize the risks of attacks on your Telephony Server
Save bandwidth by using Geolocation filtering

This service is offered completely free and is sponsered by ScopServ International.
VoIPBL is a distributed VoIP blacklist that is aimed to protects against VoIP Fraud and minimizing abuse for network that have publicly accessible PBX's.
Several algorithms, external sources and manual confirmation are used before we categorize something as an attack and determine the threat level.
Our Geolocation feature allows company to block all network traffic from countries that a network does not need to communicate with, or that are known originators of malicious activity.
The VoIP Blacklist and tools comes with ABSOLUTELY NO WARRANTY and is a volunteer supported application.

Please check if your IP address is actually listed in our blacklist. We routinely expire abusive hosts from our lists so please check if your network address is still on our blacklist.

If your IP address is listed on our database and you can not connect to your PBX you may need the IP Address to be whitelisted.

Please enter an IP Address you want to check into the form below. The IP address of your computer at the moment is Retrieving IP.











We protect you against more than

Loading...

IP Addresses

That were blocked (reported) by

Loading...

Servers

In last 24 hours, we received

Loading...

Queries

On our database that include

Loading...

Netblock (IP)

The Top 10 Countries that are listed in our database:

Loading...

ScopTEL PBX

If you are using ScopServ Telephony Server then simply go into the Web GUI on Telephony - Configuration - Security and enable the VoIP Blacklist support.

Asterisk and others PBX

For other Asterisk-based IP PBX installations, we recommend you follow these instructions to enable VoIP Blacklist support on your system and reduce attack.

Here's the instruction on how to configure VoIP Blacklist on a Linux based system. Simply skip this section if you are using ScopTEL PBX from ScopServ International Inc.

If you want to configure VoIP Blacklist on your own Asterisk PBX, then you will need to install Fail2ban. This is the only required dependency needed to run VoIP Blacklist on your server.

Step 1 You must install Fail2ban on your server. You can refer to the Fail2ban website for detailed instructions and advanced configurations.

Step 2 Create the /etc/cron.d/voipbl file to update rules each 4 hours

# update blacklist each 4 hours
0 */4 * * * * root /usr/local/bin/voipbl.sh

Step 3 If you are using iptables then save the content in /usr/local/bin/voipbl.sh to automatically block offending IP Addresses, Subnet or Netblock. You must also do a chmod 700 on this file.

#!/bin/bash

# Check if chain exists and create one if required
if [ `iptables -L | grep -c "Chain BLACKLIST-INPUT"` -lt 1 ]; then
  /sbin/iptables -N BLACKLIST-INPUT
  /sbin/iptables -I INPUT 1 -j BLACKLIST-INPUT
fi
	
# Empty the chain
/sbin/iptables -F BLACKLIST-INPUT
wget -qO - http://www.voipbl.org/update/ |\
  awk '{print "if [ ! -z \""$1"\" -a \""$1"\" !=  \"#\" ]; then /sbin/iptables -A BLACKLIST-INPUT -s \""$1"\" -j DROP;fi;"}' | sh

Alternatively, if your system support ipset, you can use the following script: (thanks to Graham Barnett for his contribution)

#!/bin/bash

URL="http://www.voipbl.org/update/"

set -e
echo "Downloading rules from VoIP Blacklist"
wget -qO - $URL -O /tmp/voipbl.txt

echo "Loading rules..."

# Check if rule set exists and create one if required
if ! $(/usr/sbin/ipset list voipbl > /dev/null 2>&1); then
  ipset -N voipbl iphash
fi
  
#Check if rule in iptables
if ! $(/sbin/iptables -w --check INPUT -m set --match-set voipbl src -j DROP > /dev/null 2>&1); then
 /sbin/iptables -I INPUT 1 -m set --match-set voipbl src -j DROP
fi
 
# Create temporary chain
ipset destroy voipbl_temp > /dev/null 2>&1 || true
ipset -N voipbl_temp iphash
 
cat /tmp/voipbl.txt |\
  awk '{ print "if [ ! -z \""$1"\" -a \""$1"\"  != \"#\" ]; then /usr/sbin/ipset  -A voipbl_temp \""$1"\" ;fi;"}' | sh
 
ipset swap voipbl_temp voipbl
ipset destroy voipbl_temp || true
 
echo "Done! Rules loaded"

Step 4 Add a new Fail2ban Jail on /etc/fail2ban/jail.conf

[asterisk-iptables]
action   = iptables-allports[name=ASTERISK, protocol=all]
           voipbl[serial=XXXXXXXXXX]

Step 5 Now define the VoIP Blacklist actions for Fail2ban on /etc/fail2ban/action.d/voipbl.conf.

# Description: Configuration for Fail2Ban

[Definition]

actionban   = <getcmd> "<url>/ban/?serial=<serial>&ip=<ip>&count=<failures>"
actionunban = <getcmd> "<url>/unban/?serial=<serial>&ip=<ip>&count=<failures>"

[Init]

getcmd = wget --no-verbose --tries=3 --waitretry=10 --connect-timeout=10 \
              --read-timeout=60 --retry-connrefused --output-document=- \
	      --user-agent=Fail2Ban

url = http://www.voipbl.org



Step 6 Now you can restart the Fail2ban daemon to get protected agains VoIP Fraud!

Filter by Country

It also possible to filter by Country by using the 'bc' (blacklist country) or 'wc' (whitelist country) parameters by using ISO 3166-1 alpha-2 codes.

# Blacklist China, Korea and Singapore
http://voipbl.org/update/?bc[]=CN&bc[]=KR&bc[]=SG

# Whitelist Canada and United Stated
http://voipbl.org/update/?wc[]=CA&wc[]=US


Filter by Network

If you want to filter by Network, you can use the 'bn' (blacklist network) or 'wn' (whitelist network) parameters in the URL.

We support the following regions:


# Blacklist LACNIC and APNIC
http://voipbl.org/update/?bn[]=lacnic&bn[]=apnic

# Whitelist RIPE and ARIN
http://voipbl.org/update/?wn[]=ripe&wn[]=arin

# Blacklist all RIPE except France
http://voipbl.org/update?bn[]=ripe&wc[]=FR

NO WARRANTY

BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

This service is offered completely free and is sponsered by
ScopServ International.


100% Free


The VoIP Blacklist and tools comes with ABSOLUTELY NO WARRANTY and is a volunteer supported application.

ScopServ International Inc. (SSI) is a Montreal (Quebec) based Canadian company and is the creator of ScopTEL IP PBX, the most complete and comprehensive GUI on the market for Telephony Server management interface based on Voice over Internet Protocol.

ScopServ International Inc.
9300, route Transcanadienne, Suite 1009
Montréal, Quebec, Canada