[asterisk-users] fraud detection
hello everyone. i am concerned about security to the PBX and i would like to discuss different fraud detection methods. Apart from making everything to secure the PBX (latest patches, iptables, firewalls, no outside users, strongs passwds,...) i would like to find out if there are any fraud detection techniques. As for my setup i do have a PBX running asterisk 11.4 and it has 3 sip trunks (over internet) -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] fraud detection
i use a CRON CDR database lookup every 10 minutes (it is a sort of a compromise period of time). The script checks for all tall and international calls for the last hour. The script has different thresholds for different territories. it works reliably but I think about more sophisticated algorithm to discover any fraud attempts (I want to analize the security log as well). BR, Dmitry Pavlenko On Fri, 10/18/13, binary dreamer binary.vor...@gmail.com wrote: Subject: [asterisk-users] fraud detection To: Asterisk Users Mailing List - Non-Commercial Discussion asterisk-users@lists.digium.com Date: Friday, October 18, 2013, 10:09 AM hello everyone. i am concerned about security to the PBX and i would like to discuss different fraud detection methods.Apart from making everything to secure the PBX (latest patches, iptables, firewalls, no outside users, strongs passwds,...) i would like to find out if there are any fraud detection techniques. As for my setup i do have a PBX running asterisk 11.4 and it has 3 sip trunks (over internet) -Inline Attachment Follows- -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] fraud detection
You could check out a company called pbxwall. They have a product that is more of a realtime fraud prevention. It is not free. We had a look at it and it looks like a pretty good product but budget did not allow us to get one. Pbxwall.com From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of binary dreamer Sent: 18 October 2013 07:09 To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: [asterisk-users] fraud detection hello everyone. i am concerned about security to the PBX and i would like to discuss different fraud detection methods. Apart from making everything to secure the PBX (latest patches, iptables, firewalls, no outside users, strongs passwds,...) i would like to find out if there are any fraud detection techniques. As for my setup i do have a PBX running asterisk 11.4 and it has 3 sip trunks (over internet) -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] CAS E1 signalling
2013-10-17 17:48, Russ Meyerriecks skrev: On Thu, Oct 17, 2013 at 7:53 AM, Johan Wilfer li...@jttech.se mailto:li...@jttech.se wrote: 1. In asterisk can I get the channel-number of the call so I can have different logic for the different channels? Sure, I guess I would just create different incoming contexts for your various channels in chan_dahdi.conf. Or you could write some dialplan foo. 2. How do I handle answer / hangup with CAS? Will DAHDI keep this channels up, or should I query the state of the channels (how?) and bring them up myself if they are down (Dial?) DAHDI will interpret the CAS signalling and pass those up to userspace as hookstates. All of this should be seamless to you as an Asterisk user. The usual channel Answer() and Hangup() is all that's needed, just like on any other type of channel. Have fun I will :-) Thanks! -- Johan Wilfer -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Hack
On 18 Oct 2013, at 04:06, John T. Bittner j...@xaccel.net wrote: Today I was hacked but caught it very quickly. This is the weird part, they hacked an IP Auth based account by simply knowing the account name. How is this possible? I am running Asterisk 11.5.0. Now it’s my fault I used a dictionary based account name but how did they bypass the set ip I had under the account for this host. Did the IP show under sip show peer xxx? If it's realtime it's possible to set it and need to prune it / sip reload. Steve-- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] MusicOnHold starts magically for no reason
I also see that on our servers. By the way, is It possible to avoid this behavior? It's quite disappointing for our customers to hear their music on hold when the remote party put them on hold... BR, Alban -Message d'origine- De : asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] De la part de Doug Lytle Envoyé : vendredi 18 octobre 2013 00:48 À : Asterisk Users Mailing List - Non-Commercial Discussion Objet : Re: [asterisk-users] MusicOnHold starts magically for no reason Markus wrote: Started music on hold, class 'default', on SIP/outbound-sip-provider-0002 I see this on our system and it's considered a feature. When the remote system signals that a call has been put on hold, it will instruction the local Asterisk system to do the actual holding. I see this on our VOIP router and hear our hold music when the remote party places me on hold. Doug -- Ben Franklin quote: Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users Alban Elzière Company: Nevox, 36 rue du doyenné, 69005 Lyon, FRANCE W: http://www.nevox-telephonie.fr E: alban.elzi...@nevox.fr -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] MusicOnHold starts magically for no reason
I also see that on our servers. By the way, is It possible to avoid this behavior? It's quite disappointing for our customers to hear their music on hold when the remote party put them on hold... You'll want to review this thread: http://www.asteriskguru.com/archives/image-vp345921.html Doug -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] outbound call issue
Dear All, i had an issue when we are going to call back the number from asterisk its ringing as the customer mobile is switched off. And also it also not saying busy when the customer is on another call. so please help me in this issue -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] outbound call issue
some more information's will help sort out the issue. On Fri, Oct 18, 2013 at 2:30 PM, shiva kumar sivakumar.kara...@gmail.comwrote: Dear All, i had an issue when we are going to call back the number from asterisk its ringing as the customer mobile is switched off. And also it also not saying busy when the customer is on another call. so please help me in this issue -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Hack
Hi Steve, Not using real-time. John From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Steven Howes Sent: Friday, October 18, 2013 4:30 AM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] Hack On 18 Oct 2013, at 04:06, John T. Bittner j...@xaccel.netmailto:j...@xaccel.net wrote: Today I was hacked but caught it very quickly. This is the weird part, they hacked an IP Auth based account by simply knowing the account name. How is this possible? I am running Asterisk 11.5.0. Now it's my fault I used a dictionary based account name but how did they bypass the set ip I had under the account for this host. Did the IP show under sip show peer xxx? If it's realtime it's possible to set it and need to prune it / sip reload. Steve Teach Canit xAntispam if this mail is spam: Spamhttp://mx1.xantispam.net/canit/b.php?i=02KCwuuL7m=23b89b978a34c=s Not spamhttp://mx1.xantispam.net/canit/b.php?i=02KCwuuL7m=23b89b978a34c=n Forget previous votehttp://mx1.xantispam.net/canit/b.php?i=02KCwuuL7m=23b89b978a34c=f -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Hack
On 10/17/13 23:06, John T. Bittner wrote: Today I was hacked but caught it very quickly. This is the weird part, they hacked an IP Auth based account by simply knowing the account name. How is this possible? I am running Asterisk 11.5.0. Now it’s my fault I used a dictionary based account name but how did they bypass the set ip I had under the account for this host. Any chance your sip peer was configured like this? [accountname] host=10.9.8.7 Without seeing your settings it's quite difficult to come up with accurate possibilities of what happened. The above example will allow *all* ip addresses with no password!. Because there is no permit+deny (you need to use both) -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] MusicOnHold starts magically for no reason
Thank you for pointing this thread. So, looks like no solution exists to correct this (as I understand)... as it is part of the standard. Have you found a trick to avoid that (break it)? Alban -Message d'origine- De : asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] De la part de Doug Lytle Envoyé : vendredi 18 octobre 2013 13:55 À : Asterisk Users Mailing List - Non-Commercial Discussion Objet : Re: [asterisk-users] MusicOnHold starts magically for no reason I also see that on our servers. By the way, is It possible to avoid this behavior? It's quite disappointing for our customers to hear their music on hold when the remote party put them on hold... You'll want to review this thread: http://www.asteriskguru.com/archives/image-vp345921.html Doug -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] MusicOnHold starts magically for no reason
if you don't use MOH just don't load module res_musiconhold.so On Fri, Oct 18, 2013 at 6:24 PM, Alban Elziere alban.elzi...@nevox.frwrote: Thank you for pointing this thread. So, looks like no solution exists to correct this (as I understand)... as it is part of the standard. Have you found a trick to avoid that (break it)? Alban -Message d'origine- De : asterisk-users-boun...@lists.digium.com [mailto: asterisk-users-boun...@lists.digium.com] De la part de Doug Lytle Envoyé : vendredi 18 octobre 2013 13:55 À : Asterisk Users Mailing List - Non-Commercial Discussion Objet : Re: [asterisk-users] MusicOnHold starts magically for no reason I also see that on our servers. By the way, is It possible to avoid this behavior? It's quite disappointing for our customers to hear their music on hold when the remote party put them on hold... You'll want to review this thread: http://www.asteriskguru.com/archives/image-vp345921.html Doug -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] MusicOnHold starts magically for no reason
So, looks like no solution exists to correct this (as I understand If you're 100% SIP, then probably. If you're bridging between SIP handsets and a PRI, then I believe you can. I think it can be controlled though chan_dahdi.conf. The option is called (Was called?) mohinterpret. Search that config file for moh or music on hold. Doug -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Asterisk12Beta- configure script/uuid missing??
Hello, I'm trying to build Asterisk12 on a Centos 6.4 VM. The configure script is erring out with: … checking for uuid_generate_random in -luuid... no checking for uuid_generate_random in -le2fs-uuid... no checking for uuid_generate_random... no configure: error: *** uuid support not found (this typically means the uuid development package is missing) I have installed (using yum) uuid, uuidd and uuid-devel. No joy, still getting same error. Anyone else run into this? How did you get around it? cheers, Cassius Smith -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk12Beta- configure script/uuid missing??
Try installing libuuid and libuuid-devel -Original Message- From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Cassius Smith Sent: Friday, October 18, 2013 3:16 PM To: asterisk-users@lists.digium.com Subject: [asterisk-users] Asterisk12Beta- configure script/uuid missing?? Hello, I'm trying to build Asterisk12 on a Centos 6.4 VM. The configure script is erring out with: ... checking for uuid_generate_random in -luuid... no checking for uuid_generate_random in -le2fs-uuid... no checking for uuid_generate_random... no configure: error: *** uuid support not found (this typically means the uuid development package is missing) I have installed (using yum) uuid, uuidd and uuid-devel. No joy, still getting same error. Anyone else run into this? How did you get around it? cheers, Cassius Smith -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk12Beta- configure script/uuid missing??
On Fri, Oct 18, 2013 at 03:16:08PM -0400, Cassius Smith wrote: Hello, I'm trying to build Asterisk12 on a Centos 6.4 VM. The configure script is erring out with: … checking for uuid_generate_random in -luuid... no checking for uuid_generate_random in -le2fs-uuid... no checking for uuid_generate_random... no configure: error: *** uuid support not found (this typically means the uuid development package is missing) I have installed (using yum) uuid, uuidd and uuid-devel. No joy, still getting same error. Anyone else run into this? How did you get around it? libuuid-devel is what I think you need. As an aside, in the asterisk source there is an install_prereq script that can be used to install all the necessary packages for your platform: $ sudo contrib/scripts/install_prereq install Cheers, Shaun -- Shaun Ruffell Digium, Inc. | Linux Kernel Developer 445 Jan Davis Drive NW - Huntsville, AL 35806 - USA Check us out at: www.digium.com www.asterisk.org -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] MusicOnHold starts magically for no reason
Thank you Doug for your answers. As I'm SIP all the way (phone, providers), I'll live with it (and my customers also)... BR, Alban -Message d'origine- De : asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] De la part de Doug Lytle Envoyé : vendredi 18 octobre 2013 18:45 À : Asterisk Users Mailing List - Non-Commercial Discussion Objet : Re: [asterisk-users] MusicOnHold starts magically for no reason So, looks like no solution exists to correct this (as I understand If you're 100% SIP, then probably. If you're bridging between SIP handsets and a PRI, then I believe you can. I think it can be controlled though chan_dahdi.conf. The option is called (Was called?) mohinterpret. Search that config file for moh or music on hold. Doug -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users Alban Elzière Company: Nevox, 36 rue du doyenné, 69005 Lyon, FRANCE W: http://www.nevox-telephonie.fr E: alban.elzi...@nevox.fr -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users