date:20170511

[asterisk-users] AMI Originate not working

2017-05-11 Thread Thomas

Hello,

I want to call an phone and if phone picked up I want to ring another phone.
Or I want to connect to an running channel and then call another phone or move 
to an ConfBridge

Iam using PHP 
$channel = 'IAX2/556-1696';
or $channel = 'SIP/0019736363636@outbound.patton';
$exten = '';
$context = 'test_callout';
$priority = '1';


$parameters = array(
'Channel' => $channel, 
'Exten' => $exten,
'Context' => $context,
'Priority' => $priority,
);
self::manager_com('Originate', $parameters);


I get only this message, but no action or other information
  == Manager 'vserver_webastmanager' logged on from 127.0.0.1
  == Manager 'vserver_webastmanager' logged off from 127.0.0.1


The AMI access in general should work, because I use it for another commands 
for example QueueAdd

best regards

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] JACK_HOOK Auto fallthrough

2017-05-11 Thread andre castro

Hi,
I am having problems adding a JACK_HOOK function to a Asterisk dialplan.
I have jackd (1.9.10) running. And tested.

in extensions.conf I have the following plan:

exten = 99,1,Answer()
same =  n, Set(JACK_HOOK(manipulate,s(default),i(system:playback_1))=on)


When I set a peer to call it (from Keriga), the Asterisk console, prints:

-- Executing [99@home:1] Answer("SIP/1002-0033", "") in new stack
-- Executing [99@home:2] Set("SIP/1002-0033",
"JACK_HOOK(manipulate,s(default),i(system:playback_1))=on") in new stack
[May 11 21:55:26] NOTICE[6526][C-004e]: app_jack.c:192
log_jack_status: Client Open Status: Failure, Server Failed
-- Auto fallthrough, channel 'SIP/1002-0033' status is 'UNKNOWN'


I don't understand why does "Client Open Status: Failure, Server Failed"
appears.
And also 'SIP/1002-0033' status is 'UNKNOWN'.

When checking jack_lsp I can only see the system ports, but no Asterisk
port.

Any hints on how I could solve this are appreciated.
Thanks
a




-- 
oo.io
bibliotecha.info

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] How to detect fake CallerID? (8xx?)

2017-05-11 Thread Don Kelly

I've assumed that the client is not present when the cleaners arrive.

  --Don

-Original Message-
From: asterisk-users-boun...@lists.digium.com
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Sebastian
Nielsen
Sent: Thursday, May 11, 2017 10:19 AM
To: 'Asterisk Users Mailing List - Non-Commercial Discussion'
Subject: Re: [asterisk-users] How to detect fake CallerID? (8xx?)

Personally, if I was a client, I would rather have the personell answer the
phone than make a outgoing call, if I would choose.
If you think of billing and costs.
So if a client allows outgoing, I don't think they have any problems with
answering a call immediately following either.

But I assume the client will be billed for the time the personell works
there?
And thats why you have this "phone verification system", to avoid discussion
about how long the company has been there and unfair bills?

Then you could have it this way instead:
1: Give the client (not personell) a PIN code.
2: The client calls and enters PIN.
3: The employee gets a SMS/email/push message/paging tone, that he can start
working.
4: When the employee is done, the client calls again, and enter PIN. This
will stop billing.
5: When billing is stopped, the employee gets a SMS/email/push
message/paging tone he can stop working.

This will be rock solid. The employee only needs to check for the SMSes.
The SMSes prevent the client from cheating the system to get cheaper
service, like claiming to start when client do not, or calling for stop
before the employee is finished, because the employee will only work when he
get start signal, and will stop working at stop signal.

Theres no risk that the client will call in and check in/check out when the
employee is not there, because that would cause the client to Be billed for
rendered services.

-Ursprungligt meddelande-
Från: asterisk-users-boun...@lists.digium.com
[mailto:asterisk-users-boun...@lists.digium.com] För Don Kelly
Skickat: den 11 maj 2017 17:04
Till: 'Asterisk Users Mailing List - Non-Commercial Discussion'

Ämne: Re: [asterisk-users] How to detect fake CallerID? (8xx?)

As a client, I don't want service company personnel answering my phone.

As a service company, I don't want my clients thinking that I do not trust
my employees who are at the client facility.

  --Don

-Original Message-
From: asterisk-users-boun...@lists.digium.com
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Adam Goldberg
Sent: Thursday, May 11, 2017 8:00 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] How to detect fake CallerID? (8xx?)

Seems like this is the best idea (challenge-response), a callback.  No
matter the callerid, you don't know where the caller is.  But if you place a
call BACK to the callerid, it's going to go to the destination.  Then you
either need the phone to be answered, or the phone to be answered and and
the challenge entered.

Adam Goldberg
AGP, LLC
+1-202-507-9900

-Original Message-
From: asterisk-users-boun...@lists.digium.com
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of J Montoya or A
J Stiles
Sent: Thursday, May 11, 2017 7:48 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion

Subject: Re: [asterisk-users] How to detect fake CallerID? (8xx?)

On Wednesday 10 May 2017, Steve Edwards wrote:
> On Wed, 10 May 2017, J Montoya or A J Stiles wrote:
> > Presumably your staff carry mobile phones.  What about an app that 
> > gets the ID of the cell tower to which it is connected, and passes 
> > it and the SIM number in a HTTP request to a server you control?
> 
> The problem is that they are supposed to use the 'site landline' to 
> confirm presence -- not their cell phone with the spoofed CID.

Yes; but the whole point is that the caller ID from the site landline is no
longer reliable enough as evidence, by itself, that somebody is actually
there.

A custom app could read the ID of the cell tower to which it was connected
-- or even the phone's GPS co-ordinates -- and transmit that back to base
over the Internet.  Preferrably with some sort of precautions to make the
request harder to forge  (i.e., *not* just a plain HTTP GET with the MCC,
MNC, LAC and CID in the query string).  If your app makes its connection via
the site's wi- fi  (which will require the co-operation of the client)  as
opposed to the mobile network, so much the better, as there will be an IP
address against which you can match.

If you insist to use the site landline for your authentication, you could
extend the protocol to a full challenge-and-response as follows:  Play a
series of digits down the line to the caller, return the call as soon as
they hang up, and ask them to dial the same digits they just heard.  All
this can be done in the dialplan  (you might need to record some
announcements of your own, such as "Please memorise the

Re: [asterisk-users] Using queue priorities to add agents

2017-05-11 Thread Steve Davies

Hi,

Thanks for this suggestion - I believe it does not quite fit the
requirement as follows:

- When you move up to priority 2, you will stop ringing 'Receptionist' as
they are out of scope penalty 1 < 2.

- Changing the penalty from
penaltychange => 20,2,2
to
penaltychange => 20,1,2
in order to include Receptionist does not work either, as it will still not
treat 'Receptionist', 'Kelli', 'Traci' equally as required.

In THEORY (I've not tried this disgusting hack yet), I could use:

[mrule]
penaltychange => 20,2,2
penaltychange => 40,3,3
penaltychange => 80,4,4
penaltychange => 120,5,5
penaltychange => 150,6,6
penaltychange => 180,1,1
penaltychange => 200,2,2
penaltychange => 220,3,3
penaltychange => 240,4,4
penaltychange => 260,5,5
penaltychange => 280,6,6
penaltychange => 300,1,1

[myqueue]
member => SIP/100.2,1,Receptionist
member => SIP/100.2,2,Receptionist
member => SIP/101.2,2,Kelli
member => SIP/102.2,2,Traci
member => SIP/100.2,3,Receptionist
member => SIP/101.2,3,Kelli
member => SIP/102.2,3,Traci
member => SIP/103.2,3,Debi
member => SIP/100.2,4,Receptionist
member => SIP/101.2,4,Kelli
member => SIP/102.2,4,Traci
member => SIP/103.2,4,Debi
member => SIP/104.2,4,Debbie
member => SIP/105.2,4,Luci
...and so on...

:) See my problem?

Cheers,
Steve

On Thu, 11 May 2017 at 16:44 John Kiniston  wrote:

> I have a real ugly queue that has this in it's rules
>
> [mrule]
> penaltychange => 20,2,2
> penaltychange => 40,3,3
> penaltychange => 80,4,4
> penaltychange => 120,5,5
> penaltychange => 150,6,6
> penaltychange => 180,1,1
> penaltychange => 200,2,2
> penaltychange => 220,3,3
> penaltychange => 240,4,4
> penaltychange => 260,5,5
> penaltychange => 280,6,6
> penaltychange => 300,1,1
>
> [myqueue]
> member => SIP/100.2,1,Receptionist
> member => SIP/101.2,2,Kelli
> member => SIP/102.2,2,Traci
> member => SIP/103.2,3,Debi
> member => SIP/104.2,4,Debbie
> member => SIP/105.2,4,Luci
> member => SIP/106.2,5,Sheila
> member => SIP/107.2,6,Mike
>
> So every 20 seconds it jumps up to the next Penalty and every few minutes
> it resets the penalty back down to 1 and starts again.
>
>
> On Thu, May 11, 2017 at 4:17 AM, Steve Davies  wrote:
>
>> Hi,
>>
>> I have a scenario that I am failing to implement using the Queue app, but
>> which I had thought would be commonplace...
>>
>> 1) (this bit works fine) I want a queue caller to have access to the
>> basic set of agents initially, with an overflow to additional agents if
>> they are busy - This is done using penalty:
>>
>> queues.conf:
>> member => SIP/dev1,0,Agent1
>> member => SIP/dev2,0,Agent2
>> member => SIP/dev3,1,Agent3 is overflow
>>
>> 2) But, after 60 seconds, I want Agent 3 to be included whether the 1 and
>> 2 are busy or not. None of the queuerules options seem to achieve this
>> because regardless of which agents are included or not, the penalty used to
>> group them is also penalising them.
>>
>> Help? Is what I want possible?
>>
>> PS. I did consider hacking the meaning of QUEUE_MIN_PENALTY so that it
>> actually increases lower penalties to it's current value, thus putting them
>> on an even footing, instead of blocking out agents.
>>
>> Thanks,
>> Steve
>>
>>
>
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Using queue priorities to add agents

2017-05-11 Thread Steve Davies

Thanks for the suggestion - That is what is currently in place, but it
allows queue-jumping as Asterisk does not know that one queue should be
serviced (drained) before the other. That can be improved upon by doing a
Waiting count on the 2nd queue etc etc, but there is always a q-jumping
scenario unless the whole thing is managed inside a single queue.

Cheers,
Steve

On Thu, 11 May 2017 at 16:36 Alexander Lopez  wrote:

> If after 60 seconds you mean ’60 seconds of caller hold time’ then set up
> another queue as overflow,
>
>
>
> Set the first queue to timeout after 60 secs. Then send to the overflow
> queue with all agents/members as same priority.
>
>
>
>
>
>
>
> *From:* asterisk-users-boun...@lists.digium.com [mailto:
> asterisk-users-boun...@lists.digium.com] *On Behalf Of *Steve Davies
> *Sent:* Thursday, May 11, 2017 7:18 AM
> *To:* Asterisk Users Mailing List - Non-Commercial Discussion <
> asterisk-users@lists.digium.com>
> *Subject:* [asterisk-users] Using queue priorities to add agents
>
>
>
> Hi,
>
>
>
> I have a scenario that I am failing to implement using the Queue app, but
> which I had thought would be commonplace...
>
>
>
> 1) (this bit works fine) I want a queue caller to have access to the basic
> set of agents initially, with an overflow to additional agents if they are
> busy - This is done using penalty:
>
>
>
> queues.conf:
>
> member => SIP/dev1,0,Agent1
>
> member => SIP/dev2,0,Agent2
>
> member => SIP/dev3,1,Agent3 is overflow
>
>
>
> 2) But, after 60 seconds, I want Agent 3 to be included whether the 1 and
> 2 are busy or not. None of the queuerules options seem to achieve this
> because regardless of which agents are included or not, the penalty used to
> group them is also penalising them.
>
>
>
> Help? Is what I want possible?
>
>
>
> PS. I did consider hacking the meaning of QUEUE_MIN_PENALTY so that it
> actually increases lower penalties to it's current value, thus putting them
> on an even footing, instead of blocking out agents.
>
>
>
> Thanks,
>
> Steve
>
>
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Using queue priorities to add agents

2017-05-11 Thread John Kiniston

I have a real ugly queue that has this in it's rules

[mrule]
penaltychange => 20,2,2
penaltychange => 40,3,3
penaltychange => 80,4,4
penaltychange => 120,5,5
penaltychange => 150,6,6
penaltychange => 180,1,1
penaltychange => 200,2,2
penaltychange => 220,3,3
penaltychange => 240,4,4
penaltychange => 260,5,5
penaltychange => 280,6,6
penaltychange => 300,1,1

[myqueue]
member => SIP/100.2,1,Receptionist
member => SIP/101.2,2,Kelli
member => SIP/102.2,2,Traci
member => SIP/103.2,3,Debi
member => SIP/104.2,4,Debbie
member => SIP/105.2,4,Luci
member => SIP/106.2,5,Sheila
member => SIP/107.2,6,Mike

So every 20 seconds it jumps up to the next Penalty and every few minutes
it resets the penalty back down to 1 and starts again.


On Thu, May 11, 2017 at 4:17 AM, Steve Davies  wrote:

> Hi,
>
> I have a scenario that I am failing to implement using the Queue app, but
> which I had thought would be commonplace...
>
> 1) (this bit works fine) I want a queue caller to have access to the basic
> set of agents initially, with an overflow to additional agents if they are
> busy - This is done using penalty:
>
> queues.conf:
> member => SIP/dev1,0,Agent1
> member => SIP/dev2,0,Agent2
> member => SIP/dev3,1,Agent3 is overflow
>
> 2) But, after 60 seconds, I want Agent 3 to be included whether the 1 and
> 2 are busy or not. None of the queuerules options seem to achieve this
> because regardless of which agents are included or not, the penalty used to
> group them is also penalising them.
>
> Help? Is what I want possible?
>
> PS. I did consider hacking the meaning of QUEUE_MIN_PENALTY so that it
> actually increases lower penalties to it's current value, thus putting them
> on an even footing, instead of blocking out agents.
>
> Thanks,
> Steve
>
>
> --
> _
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> Check out the new Asterisk community forum at: https://community.asterisk.
> org/
>
> New to Asterisk? Start here:
>   https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>http://lists.digium.com/mailman/listinfo/asterisk-users
>



-- 
A human being should be able to change a diaper, plan an invasion, butcher
a hog, conn a ship, design a building, write a sonnet, balance accounts,
build a wall, set a bone, comfort the dying, take orders, give orders,
cooperate, act alone, solve equations, analyze a new problem, pitch manure,
program a computer, cook a tasty meal, fight efficiently, die gallantly.
Specialization is for insects.
---Heinlein
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Using queue priorities to add agents

2017-05-11 Thread Alexander Lopez

If after 60 seconds you mean ’60 seconds of caller hold time’ then set up 
another queue as overflow,

Set the first queue to timeout after 60 secs. Then send to the overflow queue 
with all agents/members as same priority.


“You can either follow your fears or be led by your passions, its up to you……..”

Alexander Lopez
OpSys Consulting Group
PO Box 49-1333
Key Biscayne, FL 33149
Tel: 305 503 3000 x 122
Making life hard for others since 1970.

Help-desk: (305)503-3000 Option 0 or
Email: helpd...@opsys.com


From: asterisk-users-boun...@lists.digium.com 
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Steve Davies
Sent: Thursday, May 11, 2017 7:18 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion 

Subject: [asterisk-users] Using queue priorities to add agents

Hi,

I have a scenario that I am failing to implement using the Queue app, but which 
I had thought would be commonplace...

1) (this bit works fine) I want a queue caller to have access to the basic set 
of agents initially, with an overflow to additional agents if they are busy - 
This is done using penalty:

queues.conf:
member => SIP/dev1,0,Agent1
member => SIP/dev2,0,Agent2
member => SIP/dev3,1,Agent3 is overflow

2) But, after 60 seconds, I want Agent 3 to be included whether the 1 and 2 are 
busy or not. None of the queuerules options seem to achieve this because 
regardless of which agents are included or not, the penalty used to group them 
is also penalising them.

Help? Is what I want possible?

PS. I did consider hacking the meaning of QUEUE_MIN_PENALTY so that it actually 
increases lower penalties to it's current value, thus putting them on an even 
footing, instead of blocking out agents.

Thanks,
Steve

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] How to detect fake CallerID? (8xx?)

2017-05-11 Thread Sebastian Nielsen

Personally, if I was a client, I would rather have the personell answer the
phone than make a outgoing call, if I would choose.
If you think of billing and costs.
So if a client allows outgoing, I don't think they have any problems with
answering a call immediately following either.

But I assume the client will be billed for the time the personell works
there?
And thats why you have this "phone verification system", to avoid discussion
about how long the company has been there and unfair bills?

Then you could have it this way instead:
1: Give the client (not personell) a PIN code.
2: The client calls and enters PIN.
3: The employee gets a SMS/email/push message/paging tone, that he can start
working.
4: When the employee is done, the client calls again, and enter PIN. This
will stop billing.
5: When billing is stopped, the employee gets a SMS/email/push
message/paging tone he can stop working.

This will be rock solid. The employee only needs to check for the SMSes.
The SMSes prevent the client from cheating the system to get cheaper
service, like claiming to start when client do not, or calling for stop
before the employee is finished, because the employee will only work when he
get start signal, and will stop working at stop signal.

Theres no risk that the client will call in and check in/check out when the
employee is not there, because that would cause the client to
Be billed for rendered services.

-Ursprungligt meddelande-
Från: asterisk-users-boun...@lists.digium.com
[mailto:asterisk-users-boun...@lists.digium.com] För Don Kelly
Skickat: den 11 maj 2017 17:04
Till: 'Asterisk Users Mailing List - Non-Commercial Discussion'

Ämne: Re: [asterisk-users] How to detect fake CallerID? (8xx?)

As a client, I don't want service company personnel answering my phone.

As a service company, I don't want my clients thinking that I do not trust
my employees who are at the client facility.

  --Don

-Original Message-
From: asterisk-users-boun...@lists.digium.com
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Adam Goldberg
Sent: Thursday, May 11, 2017 8:00 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] How to detect fake CallerID? (8xx?)

Seems like this is the best idea (challenge-response), a callback.  No
matter the callerid, you don't know where the caller is.  But if you place a
call BACK to the callerid, it's going to go to the destination.  Then you
either need the phone to be answered, or the phone to be answered and and
the challenge entered.

Adam Goldberg
AGP, LLC
+1-202-507-9900

-Original Message-
From: asterisk-users-boun...@lists.digium.com
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of J Montoya or A
J Stiles
Sent: Thursday, May 11, 2017 7:48 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion

Subject: Re: [asterisk-users] How to detect fake CallerID? (8xx?)

On Wednesday 10 May 2017, Steve Edwards wrote:
> On Wed, 10 May 2017, J Montoya or A J Stiles wrote:
> > Presumably your staff carry mobile phones.  What about an app that 
> > gets the ID of the cell tower to which it is connected, and passes 
> > it and the SIM number in a HTTP request to a server you control?
> 
> The problem is that they are supposed to use the 'site landline' to 
> confirm presence -- not their cell phone with the spoofed CID.

Yes; but the whole point is that the caller ID from the site landline is no
longer reliable enough as evidence, by itself, that somebody is actually
there.

A custom app could read the ID of the cell tower to which it was connected
-- or even the phone's GPS co-ordinates -- and transmit that back to base
over the Internet.  Preferrably with some sort of precautions to make the
request harder to forge  (i.e., *not* just a plain HTTP GET with the MCC,
MNC, LAC and CID in the query string).  If your app makes its connection via
the site's wi- fi  (which will require the co-operation of the client)  as
opposed to the mobile network, so much the better, as there will be an IP
address against which you can match.

If you insist to use the site landline for your authentication, you could
extend the protocol to a full challenge-and-response as follows:  Play a
series of digits down the line to the caller, return the call as soon as
they hang up, and ask them to dial the same digits they just heard.  All
this can be done in the dialplan  (you might need to record some
announcements of your own, such as "Please memorise the following digits"
and "Please dial the digits you heard in the last call").  

Intercepting incoming calls *to* a number is much harder  (usually requiring
the co-operation of telcos, unless the interloper has access to some
equipment through which they know that the call will be routed; that
potentially includes your Asterisk, but any tampering there would be
evident)  than falsifying outgoing calls

Re: [asterisk-users] How to detect fake CallerID? (8xx?)

2017-05-11 Thread Don Kelly

As a client, I don't want service company personnel answering my phone.

As a service company, I don't want my clients thinking that I do not trust
my employees who are at the client facility.

  --Don

-Original Message-
From: asterisk-users-boun...@lists.digium.com
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Adam Goldberg
Sent: Thursday, May 11, 2017 8:00 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] How to detect fake CallerID? (8xx?)

Seems like this is the best idea (challenge-response), a callback.  No
matter the callerid, you don't know where the caller is.  But if you place a
call BACK to the callerid, it's going to go to the destination.  Then you
either need the phone to be answered, or the phone to be answered and and
the challenge entered.

Adam Goldberg
AGP, LLC
+1-202-507-9900

-Original Message-
From: asterisk-users-boun...@lists.digium.com
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of J Montoya or A
J Stiles
Sent: Thursday, May 11, 2017 7:48 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion

Subject: Re: [asterisk-users] How to detect fake CallerID? (8xx?)

On Wednesday 10 May 2017, Steve Edwards wrote:
> On Wed, 10 May 2017, J Montoya or A J Stiles wrote:
> > Presumably your staff carry mobile phones.  What about an app that 
> > gets the ID of the cell tower to which it is connected, and passes 
> > it and the SIM number in a HTTP request to a server you control?
> 
> The problem is that they are supposed to use the 'site landline' to 
> confirm presence -- not their cell phone with the spoofed CID.

Yes; but the whole point is that the caller ID from the site landline is no
longer reliable enough as evidence, by itself, that somebody is actually
there.

A custom app could read the ID of the cell tower to which it was connected
-- or even the phone's GPS co-ordinates -- and transmit that back to base
over the Internet.  Preferrably with some sort of precautions to make the
request harder to forge  (i.e., *not* just a plain HTTP GET with the MCC,
MNC, LAC and CID in the query string).  If your app makes its connection via
the site's wi- fi  (which will require the co-operation of the client)  as
opposed to the mobile network, so much the better, as there will be an IP
address against which you can match.

If you insist to use the site landline for your authentication, you could
extend the protocol to a full challenge-and-response as follows:  Play a
series of digits down the line to the caller, return the call as soon as
they hang up, and ask them to dial the same digits they just heard.  All
this can be done in the dialplan  (you might need to record some
announcements of your own, such as "Please memorise the following digits"
and "Please dial the digits you heard in the last call").  

Intercepting incoming calls *to* a number is much harder  (usually requiring
the co-operation of telcos, unless the interloper has access to some
equipment through which they know that the call will be routed; that
potentially includes your Asterisk, but any tampering there would be
evident)  than falsifying outgoing calls *from* a number.  

It would be much more fun to mount a "sting" operation to catch the 
perpetrators red-handed   (say, falsely set off a fire alarm while you know
they 
are slacking off down the pub instead of looking after the site like they
are paid for)  .  but maybe I have just been watching too many detective
dramas on TV!

--
JM

Note:  Originating address only accepts e-mail from list!  If replying off-
list, change address to asterisk1list at earthshod dot co dot uk .

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at:
https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at:
https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:

Re: [asterisk-users] How to detect fake CallerID? (8xx?)

2017-05-11 Thread Adam Goldberg

Seems like this is the best idea (challenge-response), a callback.  No matter 
the callerid, you don't know where the caller is.  But if you place a call BACK 
to the callerid, it's going to go to the destination.  Then you either need the 
phone to be answered, or the phone to be answered and and the challenge entered.

Adam Goldberg
AGP, LLC
+1-202-507-9900

-Original Message-
From: asterisk-users-boun...@lists.digium.com 
[mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of J Montoya or A J 
Stiles
Sent: Thursday, May 11, 2017 7:48 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion 

Subject: Re: [asterisk-users] How to detect fake CallerID? (8xx?)

On Wednesday 10 May 2017, Steve Edwards wrote:
> On Wed, 10 May 2017, J Montoya or A J Stiles wrote:
> > Presumably your staff carry mobile phones.  What about an app that 
> > gets the ID of the cell tower to which it is connected, and passes 
> > it and the SIM number in a HTTP request to a server you control?
> 
> The problem is that they are supposed to use the 'site landline' to 
> confirm presence -- not their cell phone with the spoofed CID.

Yes; but the whole point is that the caller ID from the site landline is no 
longer reliable enough as evidence, by itself, that somebody is actually there.

A custom app could read the ID of the cell tower to which it was connected -- 
or even the phone's GPS co-ordinates -- and transmit that back to base over the 
Internet.  Preferrably with some sort of precautions to make the request harder 
to forge  (i.e., *not* just a plain HTTP GET with the MCC, MNC, LAC and CID in 
the query string).  If your app makes its connection via the site's wi- fi  
(which will require the co-operation of the client)  as opposed to the mobile 
network, so much the better, as there will be an IP address against which you 
can match.

If you insist to use the site landline for your authentication, you could 
extend the protocol to a full challenge-and-response as follows:  Play a series 
of digits down the line to the caller, return the call as soon as they hang up, 
and ask them to dial the same digits they just heard.  All this can be done in 
the dialplan  (you might need to record some announcements of your own, such as 
"Please memorise the following digits" and "Please dial the digits you heard in 
the last call").  

Intercepting incoming calls *to* a number is much harder  (usually requiring 
the co-operation of telcos, unless the interloper has access to some equipment 
through which they know that the call will be routed; that potentially includes 
your Asterisk, but any tampering there would be evident)  than falsifying 
outgoing calls *from* a number.  

It would be much more fun to mount a "sting" operation to catch the 
perpetrators red-handed   (say, falsely set off a fire alarm while you know 
they 
are slacking off down the pub instead of looking after the site like they are 
paid for)  .  but maybe I have just been watching too many detective dramas 
on TV!

--
JM

Note:  Originating address only accepts e-mail from list!  If replying off- 
list, change address to asterisk1list at earthshod dot co dot uk .

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] How to detect fake CallerID? (8xx?)

2017-05-11 Thread J Montoya or A J Stiles

On Wednesday 10 May 2017, Steve Edwards wrote:
> On Wed, 10 May 2017, J Montoya or A J Stiles wrote:
> > Presumably your staff carry mobile phones.  What about an app that gets
> > the ID of the cell tower to which it is connected, and passes it and the
> > SIM number in a HTTP request to a server you control?
> 
> The problem is that they are supposed to use the 'site landline' to
> confirm presence -- not their cell phone with the spoofed CID.

Yes; but the whole point is that the caller ID from the site landline is no 
longer reliable enough as evidence, by itself, that somebody is actually 
there.

A custom app could read the ID of the cell tower to which it was connected -- 
or even the phone's GPS co-ordinates -- and transmit that back to base over 
the Internet.  Preferrably with some sort of precautions to make the request 
harder to forge  (i.e., *not* just a plain HTTP GET with the MCC, MNC, LAC and 
CID in the query string).  If your app makes its connection via the site's wi-
fi  (which will require the co-operation of the client)  as opposed to the 
mobile network, so much the better, as there will be an IP address against 
which you can match.

If you insist to use the site landline for your authentication, you could 
extend the protocol to a full challenge-and-response as follows:  Play a 
series of digits down the line to the caller, return the call as soon as they 
hang up, and ask them to dial the same digits they just heard.  All this can 
be done in the dialplan  (you might need to record some announcements of your 
own, such as "Please memorise the following digits" and "Please dial the 
digits you heard in the last call").  

Intercepting incoming calls *to* a number is much harder  (usually requiring 
the co-operation of telcos, unless the interloper has access to some equipment 
through which they know that the call will be routed; that potentially 
includes your Asterisk, but any tampering there would be evident)  than 
falsifying outgoing calls *from* a number.  

It would be much more fun to mount a "sting" operation to catch the 
perpetrators red-handed   (say, falsely set off a fire alarm while you know 
they 
are slacking off down the pub instead of looking after the site like they are 
paid for)  .  but maybe I have just been watching too many detective 
dramas on TV!

-- 
JM

Note:  Originating address only accepts e-mail from list!  If replying off-
list, change address to asterisk1list at earthshod dot co dot uk .

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Using queue priorities to add agents

2017-05-11 Thread Steve Davies

Hi,

I have a scenario that I am failing to implement using the Queue app, but
which I had thought would be commonplace...

1) (this bit works fine) I want a queue caller to have access to the basic
set of agents initially, with an overflow to additional agents if they are
busy - This is done using penalty:

queues.conf:
member => SIP/dev1,0,Agent1
member => SIP/dev2,0,Agent2
member => SIP/dev3,1,Agent3 is overflow

2) But, after 60 seconds, I want Agent 3 to be included whether the 1 and 2
are busy or not. None of the queuerules options seem to achieve this
because regardless of which agents are included or not, the penalty used to
group them is also penalising them.

Help? Is what I want possible?

PS. I did consider hacking the meaning of QUEUE_MIN_PENALTY so that it
actually increases lower penalties to it's current value, thus putting them
on an even footing, instead of blocking out agents.

Thanks,
Steve
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] AMI Originate not working

[asterisk-users] JACK_HOOK Auto fallthrough

Re: [asterisk-users] How to detect fake CallerID? (8xx?)

Re: [asterisk-users] Using queue priorities to add agents

Re: [asterisk-users] Using queue priorities to add agents

Re: [asterisk-users] Using queue priorities to add agents

Re: [asterisk-users] Using queue priorities to add agents

Re: [asterisk-users] How to detect fake CallerID? (8xx?)

Re: [asterisk-users] How to detect fake CallerID? (8xx?)

Re: [asterisk-users] How to detect fake CallerID? (8xx?)

Re: [asterisk-users] How to detect fake CallerID? (8xx?)

[asterisk-users] Using queue priorities to add agents

12 matches

Site Navigation

Mail list logo

Footer information