[on-asterisk] Help with auto provisioning on Linksys PAP2T ATA
Can anyone help with provisioning on this device? I've tried scouring the net for help from Linksys/Cisco and found very little. The best I can find is the administration guide, which does little more than explain the IVR and its codes:

http://www.cisco.com/en/US/docs/voice_ip_comm/csbpvga/pap2t/administration/guide/pap2t_user.pdf

I'm trying to figure out where to tell the ATA to look for configuration info, and also to understand what options I can put in the mac.cfg file. One slight wrinkle -- my Asterisk box is in a datacenter and not on the same LAN as the ATAs.

Thanks in advance.

Erik.
Re: [on-asterisk] VoIP over WIMAX
IMHO only media packets are blocked - the same was happening from the intranet of some companies I had worked for

--
Igor Ostapchenko
+1-877-OCTANIX ext:2021

On Thu, 2010-01-28 at 07:42 -0500, Matthew Gamble wrote:

Have you tried running SIP on a different port (for example, 5062)? You can set up a quick DNAT on your Asterisk server to send all traffic it receives on 5062 to port 5060:

    /sbin/iptables -t nat -A PREROUTING -p udp -d PublicIP --dport 5062 -j DNAT --to PublicIP:5060

It's worth trying to see if they are just blocking based on the port. I had the same issue with some ISPs in other countries outside of North America and by moving to 5062 the client was able to make calls.

Hope that helps!

On Thu, Jan 28, 2010 at 7:12 AM, Liviu Toma liviu.t...@gmail.com wrote:

Thank you both. IAX was going to be the next thing to try on my list.

Liviu

On Thu, Jan 28, 2010 at 2:32 AM, Reza - Asterisk Consultant aster...@neoenova.com wrote:

A while ago a friend tried something similar. He concluded SIP UDP packets are blocked or filtered out. He enabled VPN and connected directly with his office PBX without issues. It just appears that SIP audio traffic is blocked. However, as with Patrick, the IAX protocol worked without any VPN or traffic modifications/re-routing to other ports.

I'm still curious about what you are doing and accomplishing - but I am equally curious with the Windmobile Internet service for both the SIP protocols and the latency period.

*Cheers! Reza.*

--
Toronto based VoIP / Asterisk Trainer, I.T. Consultant and Hosted PBX Solutions Provider. +1-647-476-2067. http://www.linkedin.com/in/seminar

On Wed, Jan 27, 2010 at 10:37 PM, Patrick Song stl...@gmail.com wrote:

I had bad luck sending SIP traffic over Rogers Portable Internet in the past but IAX is ok

On Wed, Jan 27, 2010 at 7:44 PM, Liviu Toma liviu.t...@gmail.com wrote:

Hello,

Has anyone been able to use a VoIP adapter over WiMAX (Bell Rural Internet or Rogers Portable Internet)?

I have a Bell WiMAX modem to play with for a couple of days and I can't get VoIP to work through it. Basically the adapter registers with Asterisk or with the other service without problems, but can't make or receive calls. I tried two different ATAs (a D-Link with built in wireless router and a Linksys SPA2100). The adapter gets a public IP address from the modem, so there's no NAT involved. The latency between my Asterisk server (installed in a different location, with public IP address again, no NAT) and the VoIP adapter is less than 50 ms, so that can't be a cause.

If I turn on sip debugging on my Asterisk, I can see the SIP packets going back and forth during registration, but when I call my ATA the SIP messages are going only one way, from Asterisk to ATA, nothing coming back.

Bell has a very lame statement in their FAQ at https://www.highspeedunplugged.sympatico.ca/CustomerPreSales/Landing/FAQ.aspx

"There are many VoIP offerings on the market, all using different communication 'protocols' or methods of establishing a VoIP conversation. Unfortunately, we cannot guarantee that a particular VoIP service will work with your Sympatico Unplugged service..."

My guess is they are blocking it on purpose.

Thanks,
Liviu

--
Thank you
Patrick Song
Thinking globally, Networking locally
CCVP, CCNP, M.Eng in Telecommunications
Cell:1-647-868-2950
Re: [on-asterisk] VoIP / SIP via Windmobile - Mobile Internet
I have no trouble using the Nokia N95 SIP client to make calls over Fido 3G using g729 - no issues if you have good signal. So I am also interested in how it is with WIND, to decide whether to port or not eventually ...

--
Igor Ostapchenko
+1-877-OCTANIX ext:2021

On Wed, 2010-01-27 at 01:11 -0500, Reza - Asterisk Consultant wrote:

Hello:

Anyone here subscribed to Windmobile's Mobile Internet? If so - have you tried SIP phones over this by means of Ethernet Bridging?

I've successfully used Aastra SIP phones via Ethernet Bridging with my laptop overseas via wireless internet - and am curious to know whether there are any limitations on the Windmobile service for SIP. My experience with GSM Mobile Internet is approximately 200-300 ms delay, and the quality was quite acceptable.

Thanks!
Reza.
Re: [on-asterisk] Help with auto provisioning on Linksys PAP2T ATA
You would use DHCP option 66 to tell it the IP address of the TFTP server to go to. Most SPA devices (which the PAP2 is, I believe) will also accept

    http://<spa ip address>/admin/resync?http://<location of config>

Here are some pointers on the config file format: http://www.mail-archive.com/asterisk@uc.org/msg03093.html
Re: [on-asterisk] Help with auto provisioning on Linksys PAP2T ATA
To access the Provisioning settings of the PAP2T, use 110# to find its IP address, then go to the web interface, click Admin Login on the right, then click Switch to Advanced view in the middle. Now you should see the Provisioning tab (see this for what the web page should look like: http://voipfan.net/emulators/pap2t/admin/advanced/)

The Profile Rule setting from that page specifies the URL for your provisioning server. You can point it to a web server or a TFTP server. Also, you can specify an encryption key for the configuration file. Usually, most people use a token like $MA in the URL, which the adapter will replace with its own MAC address.

As for the DHCP option 66: that can be used as well, if your provisioning server is located in the same LAN as your VoIP adapter(s). If I'm not mistaken, the PAP2 and PAP2T will look for a TFTP server using that DHCP option, and then they will ask for the file init.cfg from the root of the TFTP server. That init.cfg could have the whole configuration (but then if you have multiple ATAs they will all use the same configuration file), or you can use the init.cfg to point the adapter's provisioning to another server/URL. For example, my init.cfg is a simple XML that looks like this:

    <flat-profile>
    <Profile_Rule ua="na">http://sipconfig.anotherserver.net/$MA.xml</Profile_Rule>
    </flat-profile>

This way, any factory reset adapter that connects to my LAN will grab that file automatically and set its provisioning URL to "http://sipconfig.anotherserver.net/$MA.xml". From there, I can use separate configuration files based on the MAC address of the adapter.

To see what the configuration file would look like, I recommend downloading the SPC tool from http://www.cisco.com/en/US/prod/voicesw/ps6790/gatecont/ps10024/ps10029/PAP2T_Firmware.zip
You can use it to generate a sample configuration file for you, then customize that file to your needs.

Just a friendly notice that due to the huge number of options that you can change in the Linksys ATAs, the sample XML can look a little scary. If you want a trimmed down version of the config file, have a look at the one I am using: http://voipfan.net/files/sample.xml

Last, here's a good admin guide for the Linksys / Sipura adapters. It has lots of info on provisioning too: http://voipfan.net/files/LinksysSPAAdminGuidev2.0.11-16.pdf
RE: [on-asterisk] Help with auto provisioning on Linksys PAP2T ATA
Do you know if this applies to all of the sipura based ATAs? 3102, etc... Are the XML files compatible? I too would also like to auto provision my Sipuras. Only reason I'm using those instead of the PAP2's is T38... although I have yet to have to actually use T38.
Re: [on-asterisk] Help with auto provisioning on Linksys PAP2T ATA
Most of this applies to all the Sipura based adapters, with a couple of notes:

- for the SPA adapters, the default provisioning URL is set to /spa$PSN.cfg. The $PSN token is the adapter's model, so for example a SPA2002 will look for /spa2002.cfg, a SPA3102 will look for spa3102.cfg, etc.
- most of the settings in the XML are the same among different adapters; however, there are differences. For example the SPA2102 and SPA3102 incorporate a router, so there are some additional settings related to that feature. The SPA3000 and SPA3102 have an FXO + an FXS port instead of 2 FXS, so the settings in the Line (FXO) tab are a little different.

The best way to see what settings are available is to download the SPC tool from Cisco for that particular model and use it to generate a sample file.

Liviu
[on-asterisk] Long distance fraud... $24,000+
Anyone have any experience with large long distance phone bills ($20k) that are fraudulent? The phone system was compromised via dial in / call transfers. Overseas calls made. Specifically how to not have to pay All Stream because of it? What's the common practice and outcome? I mean, I would imagine that All Stream would get their costs back out of it eventually, how can they pass that onto their client? How can I go about getting them to zero it out? Regards, Chuck Mariotti
RE: [on-asterisk] Long distance fraud... $24,000+
From one past experience - since the issue was with the customer's equipment, they were held liable for the call charges (which, to be honest, sounds logical - unfortunately). -- Nabeel Jafferali X2 Networks Inc.
Re: [on-asterisk] Long distance fraud... $24,000+
I know someone who had the same issue and they managed to get it zeroed, but the situation was a little different. The LD company was Bell. The problem was that Bell were not supposed to be the LD. Basically the company moved from analog lines (from Bell) to a PRI (from Bell too). The LD for analog lines was Sprint. Bell was supposed to assign Sprint as LD to the new PRI and they didn't. The fraudulent calls happened within the first 1-2 weeks of the change, before they even realized that the LD company wasn't the proper one. In the end Bell ate up the loss, but it took about 2-3 years until they did so. In the meantime, the customer was paying only the regular phone charges, without the LD balance (and penalties) that kept being carried from one bill to another until Bell removed them. Liviu
Re: [on-asterisk] Long distance fraud... $24,000+
Nabeel is right. I have never seen anyone being able to zero their bill on such issues. I have seen the provider reducing the bill to their cost to help.

Now one thing you can do to help reduce the bill: ask AllStream why they never detected this fraud. They are supposed to have auditing systems in place and contact customers within 24 hours for abnormal international call volume. In our case, we contact the customer after just one hour. We run our audits every hour to detect possible frauds. It protects our customers and my business too, because we have to pay our provider in this case too.

Bell have audits in place and will contact the customer within 24 hours to ask if everything is normal with all the international calls. If it's a retail customer, Bell will reduce the bill to their cost to help. If it's a wholesale customer, Bell will not reduce anything. I assume AllStream is probably the same. The invoice won't be zero, but it could be reduced to their cost if your customer is a retail customer and not a wholesale customer.

Good luck!

Stephan Monette
Unlimitel Inc.
RE: [on-asterisk] Long distance fraud... $24,000+
I would agree, the equipment is what let the hacker in. In this case, a weak voicemail password likely. Not AllStream.

But I think that's being a little too easy on AllStream in this case. The number of lines/trunks they have purchased/sold contradicts the line capacity they delivered. For example if they have eight employees, they are told to purchase eight lines. They purchased a number of lines so they could place that many phone calls. What's happened is that an insane amount of volume (24,000+ minutes) was done using only three phone lines, in a 14.5 hour window. Dozens of simultaneous phone calls... on only three lines. Because AllStream allows this hookswitch feature?

As well, the client usually spends under $1,000 a month on their total bill. At what time is it reasonable for AllStream's monitoring system to go off and for someone to cut off the service? 4 times the usual volume? 4 times usual volume per month within an hour? High Volumes, in a suspicious pattern that's never happened on those lines before? And obvious exploit that happens daily? This should have been stopped within an hour or two... not 14.5 hours later. Not dozens of simultaneous calls, on only three lines, over 14 hours, that's never happened before. In the middle of the night. That's just negligence on their part.

AllStream is making money off of this fraud, at full price. I am certain that we'll be able to get some discount on it (in good faith), but even half the price is too much and they are still profiting from fraud. There must be a reasonable rate to pay. I'm sure that AllStream will report it as fraud and get it credited back to themselves in some shape or form. Hell, the same calls using Unlimitel would have been less than 1/10th of the price (and Unlimitel makes their profit off that). And I'm sure they would have shut it down in a matter of minutes... not hours.

Should AllStream make a profit on fraud? Should they even get paid for fraud? It's not in their best interest to stop it.

Chuck
Re: [on-asterisk] Long distance fraud... $24,000+
> Should AllStream make a profit on fraud? Should they even get paid for fraud? It's not in their best interest to stop it.

It is: if they bankrupt their customers by failing to detect this sort of thing they may get paid pennies on the dollar.
Re: [on-asterisk] Long distance fraud... $24,000+
Chuck, Their cost is about half price. So if they offer to reduce it to half the invoice, they are probably doing it at cost. Stephan Monette Unlimitel Inc.
Re: [on-asterisk] Long distance fraud... $24,000+
The problem here is... everyone blames the telco. Why was the phone system insecure to begin with?
[on-asterisk] RE: Long distance fraud... $24,000+
Chuck:

Unfortunately your customer may be stuck. I can tell you that we had one case of this in the past here at Telnet where one of our customers was hit by fraud (they had an insecure box, wasn't our fault) and ended up with a $1,500 bill after about 24 hours... luckily we noticed it and let them know after 24 hours.

So how did it pan out for our customer? Although we (Telnet) felt no responsibility whatsoever to do anything (as it wasn't our fault), in the spirit of being co-operative and compassionate we agreed to re-rate all of the customer's calls at our cost. We did have a hard cost for those calls and we didn't feel that we should be out our costs.

I don't know if Allstream will agree to the same (I doubt it), but you can try. One thing that you may try is asking them why their fraud management dept didn't pick up on this earlier.

Regards,
Bill
Re: [on-asterisk] Long distance fraud... $24,000+
I don't know why this is such a new issue to most people, phreakers have been doing this for over 2 decades now. I know it sounds harsh but... don't open your phone system up with things like password protected dialtone access or even worse dialing from mailboxes, eventually someone is going to find the number and brute force it. Even sip registrations get hammered to hell with people trying to brute force, people really need to start taking a better look at their logs and putting in watchdogs to prevent such abuse :p Phil. Leo wrote: The problem here is... everyone blames the telco why was the phone system insecure to begin with? On Fri, Jan 29, 2010 at 11:53 AM, Ian Darwin i...@darwinsys.com wrote: Should AllStream make a profit on fraud? Should they even get paid for fraud? It's not in their best interest to stop it. It is: if they bankrupt their customers by failing to detect this sort of thing they may get paid pennies on the dollar.
RE: [on-asterisk] Long distance fraud... $24,000+
So what was the cause of this? Was it someone on the inside (of the company) who found a weak password and went wild, or was it someone packet shaping that got the SIP credentials and connected from elsewhere? What can be done to prevent scenarios where someone gets the SIP credentials? Are TLS or SRTP used to prevent this? Erik. -Original Message- From: Chuck Mariotti [mailto:cmario...@xunity.com] Sent: Friday, January 29, 2010 11:47 AM To: Nabeel Jafferali; asterisk@uc.org Subject: RE: [on-asterisk] Long distance fraud... $24,000+ I would agree, the equipment is what let the hacker in. In this case, a weak voicemail password likely. Not AllStream. But I think that's being a little too easy on AllStream in this case. The number of lines/trunks they have purchased/sold contradicts the line capacity they delivered. For example if they have eight employees, they are told to purchase eight lines. They purchased a number of lines so they could place that many phone calls. What's happened is that an insane amount of volume (24,000+ minutes) was done using only three phone lines, in a 14.5 hour window. Dozens of simultaneous phone calls... on only three lines. Because AllStream allows this hookswitch feature? As well, the client usually spends under $1,000 a month on their total bill. At what time is it reasonable for AllStream's monitoring system to go off and for someone to cut off the service? 4 times the usual volume? 4 times usual volume per month within an hour? High Volumes, in a suspicious pattern that's never happened on those lines before? And obvious exploit that happens daily? This should have been stopped within an hour or two... not 14.5 hours later. Not dozens of simultaneous calls, on only three lines, over 14 hours, that's never happened before. In the middle of the night. That's just negligence on their part. AllStream is making money off of this fraud, at full price.
I am certain that we'll be able to get some discount on it (in good faith), but even half the price is too much and they are still profiting from fraud. There must be a reasonable rate to pay. I'm sure that AllStream will report it as fraud and get it credited back to themselves in some shape or form. Hell, the same calls using Unlimitel would have been less than 1/10th of the price (and Unlimitel makes their profit off that). And I'm sure they would have shut it down in a matter of minutes... not hours. Should AllStream make a profit on fraud? Should they even get paid for fraud? It's not in their best interest to stop it. Chuck -Original Message- From: Nabeel Jafferali [mailto:nab...@x2n.ca] Sent: January-29-10 11:19 AM To: asterisk@uc.org Subject: RE: [on-asterisk] Long distance fraud... $24,000+ From one past experience - since the issue was with the customer's equipment, they were held liable for the call charges (which, to be honest, sounds logical - unfortunately). -- Nabeel Jafferali X2 Networks Inc. -Original Message- From: Chuck Mariotti [mailto:cmario...@xunity.com] Sent: January-29-10 11:14 AM To: asterisk@uc.org Subject: [on-asterisk] Long distance fraud... $24,000+ Anyone have any experience with large long distance phone bills ($20k) that are fraudulent? The phone system was compromised via dial in / call transfers. Overseas calls made. Specifically how to not have to pay All Stream because of it? What's the common practice and outcome? I mean, I would imagine that All Stream would get their costs back out of it eventually, how can they pass that onto their client? How can I go about getting them to zero it out? 
Regards, Chuck Mariotti
RE: [on-asterisk] Long distance fraud... $24,000+
I completely agree, this is not new or surprising. I'll even admit to screwing around with Green / Red boxes, chat rooms, etc... in my younger years (crap, that's the second time I've referred to myself as getting old this week). I just don't agree with the compliance or profiting from it by big businesses. I know it seems utopian, but maybe it's because I'm getting old (crap, that's three). Chuck -Original Message- From: Philip Mullis [mailto:philip.mul...@syx.ca] Sent: January-29-10 12:21 PM To: Leo Cc: asterisk@uc.org Subject: Re: [on-asterisk] Long distance fraud... $24,000+ I don't know why this is such a new issue to most people, phreakers have been doing this for over 2 decades now. I know it sounds harsh but... don't open your phone system up with things like password protected dialtone access or even worse dialing from mailboxes, eventually someone is going to find the number and brute force it. Even sip registrations get hammered to hell with people trying to brute force, people really need to start taking a better look at their logs and putting in watchdogs to prevent such abuse :p Phil. Leo wrote: The problem here is... everyone blames the telco why was the phone system insecure to begin with? On Fri, Jan 29, 2010 at 11:53 AM, Ian Darwin i...@darwinsys.com wrote: Should AllStream make a profit on fraud? Should they even get paid for fraud? It's not in their best interest to stop it. It is: if they bankrupt their customers by failing to detect this sort of thing they may get paid pennies on the dollar.
RE: [on-asterisk] Long distance fraud... $24,000+
Thanks Stephan, I will give AllStream some points, they did detect the fraud... unfortunately it was 14.5 hours later. I can understand 24 hour notice, but it doesn't change the smell. It happened on Christmas eve, roughly between 9:30pm and 11:30am. I really see no reason why this would go on so long. It's painfully obvious that software should have picked this up easily immediately. I don't disagree that costs should be covered (Allstream should not lose money on this). I do not blame the telco for the fraud at all. I am leaning toward blaming the Call Pilot installer from a year ago. But to say that Allstream is innocent and they should not profit from it, is wrong. Hearing that Unlimitel and Telnet give the client their cost rate is great, just covering their cost. That's honourable. But let's face it, they aren't multibillion dollar companies with multimillion dollar fraud groups. And most importantly, they don't charge those high rates (in this case less than 1/10th the rate). Pursuing this would be cost prohibitive and time zapping for a small telco. This is AllStream though, obviously giving a cost rate is great (paying half is still so high, but if you say that's their cost, then I believe it). But I would think that this dollar amount is large enough that Allstream will attempt to recover their own costs in the background on it in the coming weeks/months. Allstream will not just pay the other provider on the last leg the going rate and let it slide. If they do, then that would be wrong of them to let it slide and they are just feeding the flames. Chuck -Original Message- From: Stephan Monette [mailto:monet...@unlimitel.ca] Sent: January-29-10 11:41 AM To: Nabeel Jafferali Cc: asterisk@uc.org Subject: Re: [on-asterisk] Long distance fraud... $24,000+ Nabeel is right. I never seen anyone being able to zero their bill on such issues. I have seen the provider reducing the bill to their cost to help. 
Now one thing you can do to help reduce the bill: ask AllStream why they never detected this fraud? They are supposed to have auditing systems in place and contact customers within 24 hours for abnormal international call volume. In our case, we contact the customer after just one hour. We run our audits every hour to detect possible frauds. It protects our customers and my business too because we have to pay our provider in this case too. Bell have audits in place and will contact the customer within 24 hours to ask if everything is normal with all the international calls. If it's a retail customer, Bell will reduce the bill to their cost to help. If it's a wholesale customer, Bell will not reduce anything. I assume AllStream is probably the same. The invoice won't be zero, but it could be reduced to their cost if your customer is a retail customer and not a wholesale customer. Good luck! Stephan Monette Unlimitel Inc. On 2010-01-29, at 11:18 AM, Nabeel Jafferali wrote: From one past experience - since the issue was with the customer's equipment, they were held liable for the call charges (which, to be honest, sounds logical - unfortunately). -- Nabeel Jafferali X2 Networks Inc. -Original Message- From: Chuck Mariotti [mailto:cmario...@xunity.com] Sent: January-29-10 11:14 AM To: asterisk@uc.org Subject: [on-asterisk] Long distance fraud... $24,000+ Anyone have any experience with large long distance phone bills ($20k) that are fraudulent? The phone system was compromised via dial in / call transfers. Overseas calls made. Specifically how to not have to pay All Stream because of it? What's the common practice and outcome? I mean, I would imagine that All Stream would get their costs back out of it eventually, how can they pass that onto their client? How can I go about getting them to zero it out?
Regards, Chuck Mariotti
RE: [on-asterisk] Long distance fraud... $24,000+
Erik, I will post some details as to what happened in the next 24 hours (I have a lengthy message that I almost sent last night but decided to hold back on it until later/the whole picture is completed). I'm still trying to get some things resolved and to shut down the causes sometime today (overseas long distance has been disabled, so it's not really a rush job, but holes should be shut down). In this case, it has nothing to do with SIP or any VoIP... this is old school. But the lessons learned definitely apply to VoIP (even more so in my personal opinion). Chuck -Original Message- From: Erik Schwartz [mailto:asterisk...@gmail.com] Sent: January-29-10 12:19 PM To: asterisk@uc.org Subject: RE: [on-asterisk] Long distance fraud... $24,000+ So what was the cause of this? Was it someone on the inside (of the company) who found a weak password and went wild, or was it someone packet shaping that got the SIP credentials and connected from elsewhere? What can be done to prevent scenarios where someone gets the SIP credentials? Are TLS or SRTP used to prevent this? Erik. -Original Message- From: Chuck Mariotti [mailto:cmario...@xunity.com] Sent: Friday, January 29, 2010 11:47 AM To: Nabeel Jafferali; asterisk@uc.org Subject: RE: [on-asterisk] Long distance fraud... $24,000+ I would agree, the equipment is what let the hacker in. In this case, a weak voicemail password likely. Not AllStream. But I think that's being a little too easy on AllStream in this case. The number of lines/trunks they have purchased/sold contradicts the line capacity they delivered. For example if they have eight employees, they are told to purchase eight lines. They purchased a number of lines so they could place that many phone calls. What's happened is that an insane amount of volume (24,000+ minutes) was done using only three phone lines, in a 14.5 hour window. Dozens of simultaneous phone calls... on only three lines. Because AllStream allows this hookswitch feature?
As well, the client usually spends under $1,000 a month on their total bill. At what time is it reasonable for AllStream's monitoring system to go off and for someone to cut off the service? 4 times the usual volume? 4 times usual volume per month within an hour? High Volumes, in a suspicious pattern that's never happened on those lines before? And obvious exploit that happens daily? This should have been stopped within an hour or two... not 14.5 hours later. Not dozens of simultaneous calls, on only three lines, over 14 hours, that's never happened before. In the middle of the night. That's just negligence on their part. AllStream is making money off of this fraud, at full price. I am certain that we'll be able to get some discount on it (in good faith), but even half the price is too much and they are still profiting from fraud. There must be a reasonable rate to pay. I'm sure that AllStream will report it as fraud and get it credited back to themselves in some shape or form. Hell, the same calls using Unlimitel would have been less than 1/10th of the price (and Unlimitel makes their profit off that). And I'm sure they would have shut it down in a matter of minutes... not hours. Should AllStream make a profit on fraud? Should they even get paid for fraud? It's not in their best interest to stop it. Chuck -Original Message- From: Nabeel Jafferali [mailto:nab...@x2n.ca] Sent: January-29-10 11:19 AM To: asterisk@uc.org Subject: RE: [on-asterisk] Long distance fraud... $24,000+ From one past experience - since the issue was with the customer's equipment, they were held liable for the call charges (which, to be honest, sounds logical - unfortunately). -- Nabeel Jafferali X2 Networks Inc. -Original Message- From: Chuck Mariotti [mailto:cmario...@xunity.com] Sent: January-29-10 11:14 AM To: asterisk@uc.org Subject: [on-asterisk] Long distance fraud... $24,000+ Anyone have any experience with large long distance phone bills ($20k) that are fraudulent? 
The phone system was compromised via dial in / call transfers. Overseas calls made. Specifically how to not have to pay All Stream because of it? What's the common practice and outcome? I mean, I would imagine that All Stream would get their costs back out of it eventually, how can they pass that onto their client? How can I go about getting them to zero it out? Regards, Chuck Mariotti
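The hourly audit Stephan Monette describes and the triggers Chuck Mariotti asks about (a multiple of the usual volume, more simultaneous calls than lines purchased) can be run over call detail records. This is an added example, not code from any poster or carrier in the thread; the CDR tuple layout, function names, per-hour baseline and sample records are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

HOUR = timedelta(hours=1)

def clip_to_hours(start, end):
    """Yield (hour_start, lo, hi): the part of a call inside each clock hour."""
    cur = start.replace(minute=0, second=0, microsecond=0)
    while cur < end:
        yield cur, max(start, cur), min(end, cur + HOUR)
        cur += HOUR

def peak_concurrency(intervals):
    """Sweep start/end events; an end at time t sorts before a start at t."""
    events = sorted([(lo, 1) for lo, _ in intervals] +
                    [(hi, -1) for _, hi in intervals])
    live = peak = 0
    for _, delta in events:
        live += delta
        peak = max(peak, live)
    return peak

def hourly_audit(cdrs, lines, baseline_intl_min, multiplier=4):
    """Return an alert for every clock hour that breaks either rule.

    cdrs: iterable of (start, duration_seconds, is_international).
    lines: number of lines the customer bought (assumed known to the auditor).
    baseline_intl_min: the customer's usual international minutes per hour.
    """
    intl_min = defaultdict(float)
    active = defaultdict(list)
    for start, secs, is_intl in cdrs:
        end = start + timedelta(seconds=secs)
        for hour, lo, hi in clip_to_hours(start, end):
            active[hour].append((lo, hi))
            if is_intl:
                intl_min[hour] += (hi - lo).total_seconds() / 60
    alerts = []
    for hour in sorted(active):
        reasons = []
        if intl_min[hour] > multiplier * baseline_intl_min:
            reasons.append("intl_volume")
        peak = peak_concurrency(active[hour])
        if peak > lines:
            reasons.append("concurrency")
        if reasons:
            alerts.append({"hour": hour, "intl_min": round(intl_min[hour], 1),
                           "peak": peak, "reasons": reasons})
    return alerts

# Constructed sample CDRs (not data from the thread): a quiet day, then two
# waves of 12 simultaneous 25-minute overseas calls starting at 21:30.
DAY = datetime(2010, 1, 1)  # arbitrary constructed date
SAMPLE_CDRS = [
    (DAY.replace(hour=10), 300, False),
    (DAY.replace(hour=14), 600, True),
    (DAY.replace(hour=15), 1200, False),
]
SAMPLE_CDRS += [(DAY.replace(hour=21, minute=30), 1500, True)] * 12
SAMPLE_CDRS += [(DAY.replace(hour=21, minute=55), 1500, True)] * 12

if __name__ == "__main__":
    for a in hourly_audit(SAMPLE_CDRS, lines=3, baseline_intl_min=10):
        print(a["hour"], a["intl_min"], "min intl, peak", a["peak"], a["reasons"])
```

On the sample data both rules fire in the first clock hour of the burst, which is the point of auditing hourly rather than daily.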
[on-asterisk] Secure Asterisk
Is there a good doc that explains how to harden an Asterisk server from toll fraud? Robert Brock Telecom Administrator, MKS Inc., www.mks.com Waterloo, ON, Canada Tel: 519-883-3243 or 800-265-2797 x3243 Fax: 519-884-8861
[on-asterisk] White noise and choking on SIP lines
Hi Guys, What causes white noise and intermittent cut off and choking on the SIP lines? Network is solid and it's separate from data network. All phones are Aastra and they worked fine for 1 year. I haven't got the chance to check cables but I doubt they can be the problem as it's a sip network. Any experience? Thanks, Bruce
[on-asterisk] Feb 24th meeting ideas
Any topic suggestions for the Feb 24th meeting?
RE: [on-asterisk] White noise and choking on SIP lines
Thanks for the input. Calls within the network also experience the same problem. I run ztmonitor chan# -v just to make sure there is no problem with the lines from telco and there was no static at all. The phone cuts off words during a conversation. Nic card is intel on-board of intel motherboard with quad core Q6700. Elastix system info page shows CPU usage shows at 31% (which is I think a fault in their calculations by a factor of 10). Following is output from top (showing cpu at 3.1%):
top - 21:16:38 up 8:21, 1 user, load average: 0.48, 1.78, 2.24
Tasks: 146 total, 1 running, 145 sleeping, 0 stopped, 0 zombie
Cpu(s): 3.1%us, 2.9%sy, 0.4%ni, 68.4%id, 16.3%wa, 8.9%hi, 0.1%si, 0.0%st
Mem: 2048116k total, 1989504k used, 58612k free, 174100k buffers
Swap: 779144k total, 208k used, 778936k free, 1046348k cached
I don't think playing with rx and tx in zapata.conf will help. Is there an equivalent in sip.conf for rx and tx? Thanks, Bruce From: courc...@net-forces.com To: het...@hotmail.com Subject: Re: [on-asterisk] White noise and choking on SIP lines Date: Fri, 29 Jan 2010 19:04:49 -0500 Getting that issue on outside calls only or on inside ext to ext calls also? Strange question, but what is your nic card in your asterisk server and what is the load avg of this server? Sent from my iPhone On 2010-01-29, at 6:45 PM, Bruce N het...@hotmail.com wrote: Hi Guys, What causes white noise and intermittent cut off and choking on the SIP lines? Network is solid and it's separate from data network. All phones are Aastra and they worked fine for 1 year. I haven't got the chance to check cables but I doubt they can be the problem as it's a sip network. Any experience? Thanks, Bruce
Re: [on-asterisk] Feb 24th meeting ideas
Simon P. Ditner wrote: Any topic suggestions for the Feb 24th meeting? Preventing toll fraud?