These scripts send notifications to a Webex space when a new IP is banned by Expressway, and allow to request more info or change the ban status

Overview

Spam Call and Toll Fraud Mitigation

Cisco Expressway release X14 is able to mitigate spam calls and toll fraud attempts by jailing the spam IP address, thus offloading Expressway by unwanted calls and reducing the impact of toll fraud.

This is a bundle made by 2 independent scripts. The first one - ipjail.py - sends a notification card to a Webex space whenever a new IP is banned on a monitored Expressway. The second script - listening_bot.py - allows the admin to interact with the bot by changing the status of an IP between 4 different statuses (ban/unban/exempt/remove exemption) and to request the call activity list of a banned IP. The rest of the scripts need to be in the same folder with the two main ones.

Dependencies:

  • Python 3.9
  • pip install webex_bot
  • pip install requests
  • pip install paramiko
  • pip install openpyxl

Step-by-step Installation Instructions

  • Create a Webex bot and store the bot Access Token
  • Create a Webex space and store the room ID
  • Register to https://www.whoisxmlapi.com and get an API Key for whois lookup
  • Install and run the script. The following instructions apply to CentOS 8, but other platforms might be considered

Create a Webex bot

Register to developer.webex.com. Click on your name in the right upper corner, select "My Webex Apps" and the option "Create a Bot". Copy and store the Access Token:

Copy the Access

Create a Webex space

  1. Use the bot access token to create a room: go to https://developer.webex.com/docs/platform-introduction, select "API Reference" on the left-hand side, scroll down to "Rooms", then click on "Create a room". On the right-hand side uncheck "Use personal access token" and paste the bot access token. Put a name in the "title" box (i.e. "My Space") and then hit "Run". Copy the and store the room ID.

Copy the room ID

  1. Add yourself in the room as a member: go to Memberships -> Create a Membership

Paste the Access

Get an API Key for Whois lookup

Go to https://www.whoisxmlapi.com and register. Click on your username in the right-hand side upper corner and select "My Products". Your API Key will be shown. Store your API Key.

Run the scripts in CentOS 8

  1. Install Python3.9

  2. Create a new directory (in this example is called "notifications"):

    mkdir notifications
    
  3. Install a virtual environment on this directory:

    cd notifications
    python3.9 -m venv ~/.virtualenvs/${PWD##*/}
    source ~/.virtualenvs/${PWD##*/}/bin/activate
    
  4. Install the following packages:

    pip install webex_bot
    pip install requests
    pip install paramiko
    pip install openpyxl
    
  5. Download the script from GitHub and customise the credentials.py file as explained in the file itself (some examples are also reported. Pay attention to commas).

  6. Test the script by running: python3.9 ipjail.py . If credentials.py has been customised correctly the script should run. The script connects to Expressway using HTTPS. If Expressway uses a private cert, the CA must be trusted by the server running the script.

  7. If the test is successful, configure Crontab to run the script periodically by typing: crontab -e. The following configuration makes the script run every hour:

    0 * * * * cd  /root/notifications && source ~/.virtualenvs/${PWD##*/}/bin/activate && python3.9 ipjail.py  >> cron.log 2>&1
    
  8. Test the listening bot by typing python3.9 listening_bot.py. Then set it up as a service to start at boot and automatically restart in case of issues:

vi /etc/systemd/system/webex_bot.service
[Unit]
Description="Webex bot with websocket"

[Service]
User=root
WorkingDirectory=/root/notifications
VIRTUAL_ENV=/root/.virtualenvs/notifications/
Environment=PATH=$VIRTUAL_ENV/bin:$PATH
ExecStart=/root/.virtualenvs/notifications/bin/python3.9 listening_bot.py
Restart=always

[Install]
WantedBy=multi-user.target
  1. Run the service:
    systemctl enable webex_bot.service
    systemctl start webex_bot.service
    
  2. Check the status:
    systemctl status webex_bot.service
    
  3. To stop the service:
    systemctl stop webex_bot.service
    
Owner
Luca Pellegrini
Luca Pellegrini
A Scapy implementation of SMS-SUBMIT and (U)SIM Application Toolkit command packets.

A Scapy implementation of SMS-SUBMIT and (U)SIM Application Toolkit command packets.

mnemonic 83 Dec 11, 2022
Simple threaded Python Rickroll server. Listens on port 23 by default.

Terminal Rickroll Simple threaded Python Rickroll server. Listens on port 23 by default. Rickroll video made using Video-To-Ascii and the standard ric

AG 10 Sep 13, 2022
User-friendly packet captures

capture-packets: User-friendly packet captures Please read before using All network traffic occurring on your machine is captured (unless you specify

Seth Michael Larson 2 Feb 05, 2022
Port Traffic/Bandwidth Monitor Script

python-switch-port-traffic-alarm Port Traffic/Bandwidth Monitor Script That's an Switch Port Traffic monitor program is checking the switch uplink por

goksinenki 4 Sep 02, 2021
Implementing Cisco Support APIs into NetBox

NetBox Cisco Support API Plugin NetBox plugin using Cisco Support APIs to gather EoX and Contract coverage information for Cisco devices. Compatibilit

Timo Reimann 23 Dec 21, 2022
Impacket is a collection of Python classes for working with network protocols.

What is Impacket? Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmat

SecureAuth Corporation 10.4k Jan 09, 2023
This is a Client-Server-System which can share the screen from the server to client and in the other direction.

Screenshare-Streaming-Python This is a Client-Server-System which can share the screen from the server to client and in the other direction. You have

VFX / Videoeffects Creator 1 Nov 19, 2021
Pywbem - A WBEM client and related utilities, written in pure Python.

Pywbem - A WBEM client and related utilities, written in pure Python Overview Pywbem is a WBEM client and WBEM indication listener and provides relate

PyWBEM Projects 39 Dec 22, 2022
Ip-Seeker - See Details With Public Ip && Find Web Ip Addresses

IP SEEKER See Details With Public Ip && Find Web Ip Addresses Tool By Heshan

M.D.Heshan Sankalpa 1 Jan 02, 2022
Easily share folders between VMs.

This package aims to solve the problem of inter-VM file sharing (rather than manual copying) by allowing a VM to mount folders from any other VM's file system (or mounted network shares).

Rudd-O 12 Oct 17, 2022
This Tool Help To Information gathering for domain name or ip address...

Owl-Eye This Tool Help To Information gathering for domain name or ip address... follow this command $apt update && upgrade $apt install python apt in

Black Owl 6 Nov 12, 2022
Connection package to a raspberry or any other machine using ssh, it simplifies the deployment scripts and monitoring.

Connection package to a raspberry or any other machine using ssh, it simplifies the deployment scripts and monitoring.

Dashstrom 7 Mar 29, 2022
A Python framework for interacting with Solana's Pyth network.

Pyth Network A basic Python framework for reading and decoding data regarding the Pyth network

1 Nov 29, 2021
Tool to get the top 100 of the fastest nodes in the Tor network. Based on Kirzahk tool.

Tor Network Top 100 IPs Tool to get the top 100 of the fastest nodes in the Tor network. Based on Kirzahk tool. Just execute top100ipstor.py to get th

Juan Manuel 0 Jan 23, 2022
🌐 Tools for Networking

🌐 Network Tools Tools for Networking This repository contains the tools needed to make networking easier. Make sure to download all of the requiremen

Tornaido 1 Jan 15, 2022
Socket programming is a way of connecting two nodes on a network to communicate with each other

Socket Programming in Python Socket programming is a way of connecting two nodes on a network to communicate with each other. One socket(node) listens

Janak raikhola 1 Jul 05, 2022
Tool that creates a complete copy of your server

Discord-Server-Cloner Tool that creates a complete copy of your server Setup: Open run.bat If the file closes, open cmd And write: pip install -r requ

DEEM 3 Dec 13, 2021
Vent domain information retrieval tool, which is capable of retrieving customer information

Vent domain information retrieval tool, which is capable of retrieving customer information. This tool has been created for the purpose of complete education, Iam not responsible for any illegal acti

Md. Ridwanul Islam Muntakim 25 Dec 09, 2022
Domain To Api [ PYTHON ]

Domain To IP Usage You Open Terminal For Run The Program python ip.py Input & Output Input Your List e.g domain.txt Output ( For Save Output File )

It's Me Jafar 0 Dec 12, 2021
This is the code repository for the USENIX Security 2021 paper, "Weaponizing Middleboxes for TCP Reflected Amplification".

weaponizing-censors Censors pose a threat to the entire Internet. In this work, we show that censoring middleboxes and firewalls can be weaponized by

UMD Breakerspace 119 Dec 31, 2022