|
I won't pretend to know a lot about telephony, I could recognize a PBX if I saw one. I know what Asterisk is, and have used SIP service for my personal home phone for a multitude of years flip-flopping between SIP ATAs and Software phones. I'll occasionally grow out the OP as needed, if there is interest. Zoom 5801 ATA  Used this at home for a number of years. An analog telephone adapter lets you use a a regular phone, the kind you'd see at Walmart, PSTN\POTS\RJ11\analog phone with SIP service. This adapter works OK, but I've found that if the internet ever drops for whatever reason it doesn't reconnect to the SIP service and it has to be power cycled, not so great. I have not used it in a while, might be OK now. Avaya\Nortel 1220  There's a smattering of these all over the office, some newer models. I think they can work with SIP provided an extra software license, but typically they use Avaya's CS. CS1000  Pretty sure this is a PBX. It looks pretty old. It probably is pretty old, but it seems to be stable, we very rarely have phone issues. It's what we have in our data center. Our telephony team\phone warlocks provide me a T1 line, 24 channels, to a SIP gateway I have attached to a RightFax server. I installed\maintain RightFax, which is the extent of my involvement anything phone related. Plantronics CS50-USB  Wireless Headset, normally works with a hardware phone, but works fine attached to a PC running SIP phone software. It's comfortable, really comfortable, and lightweight. It's also pretty old I think. It makes you sound like you're on an analog phone if you try to use it with any type of HD audio, which is one of the reasons why I wanted to post a thread. Any recommendations for single ear, wireless, lightweight, comfortable headsets, that actually have good audio quality, can be used for HD audio? Software https://jitsi.org - Windows\Mac\Linux - this is what I use lately, pretty good. http://www.ekiga.org - Linux\Mac\Windows Providers http://www.callcentric.com - Very affordably priced. Cheap DIDs. Very reliable in my experience. They also have setup instructions for a multitude of devices. I use them for my home phone. They don't support video nor higher def audio codecs, though! Gizmo5 - I used to use them back in the day. Looks like Google bought them out and it became Google Voice. I was going to post a mediocre review, does Google Voice properly support using SIP clients? Or is Google Voice another pet project Google will eventually kill off? SSH IT ZOMBIE fucked around with this message at 21:28 on Apr 27, 2015 |
#
?
Apr 27, 2015 21:13
|
|
|
|
| # ? Apr 19, 2024 23:02 |
|
|
I'm a DCAP (DIGIUM CERTIFIED ASTERISK PROFESSIONAL). I don't work with Asterisk any more, but I'm pretty good with it, if any one needs any Asterisk help please feel free to ask.
|
|
#
?
Apr 30, 2015 19:54
|
|
|
SIR FAT JONY IVES posted:I'm a DCAP (DIGIUM CERTIFIED ASTERISK PROFESSIONAL). I don't work with Asterisk any more, but I'm pretty good with it, if any one needs any Asterisk help please feel free to ask. Perfect timing. I've never messed around with Asterisk but I'm thinking of maybe using it to replace our 2009 PBX-IP. It would just need to serve 5-8 IP phones most of which are going to be in the LAN and any remote phone would probably connect via VPN. Would running Asterisk on a VM be feasible for this or am I going to want to claw my eyes out trying to configure it? Do you recommend any particular Asterisk implementation?
|
|
#
?
Apr 30, 2015 20:38
|
|
|
We've been using freepbx on a hosted VM for years, runs like clockwork unless our local ISP is having issues. Phones are all polycom 335 or random aastra models, I'd reccomend the polycoms. All access to it is over VPN tunnel or whitelisted static IP, leaving asterisk open to the internet seems to lead to enough hack/abuse attempts to peg the CPU on the VM. sanchez fucked around with this message at 21:23 on Apr 30, 2015 |
|
#
?
Apr 30, 2015 21:20
|
|
|
sanchez posted:We've been using freepbx on a hosted VM for years, runs like clockwork unless our local ISP is having issues. Phones are all polycom 335 or random aastra models, I'd reccomend the polycoms. All access to it is over VPN tunnel or whitelisted static IP, leaving asterisk open to the internet seems to lead to enough hack/abuse attempts to peg the CPU on the VM. Yeah it's amazing how many horror stories you hear about people leaving their PBX exposed to the internet and finding out that it's been used as a call-center in some random chinese province to the tune of thousands of dollars of international calls. You'd think by now SIP providers would've learned to implement some basic fraudulent activity algorithms so they can shut down the connection when something like this happens. One thing I've never quite understood, is forwarding ports 5060-5070 necessary for the PBX to establish a connection to the SIP provider?
|
|
#
?
Apr 30, 2015 21:28
|
|
|
sanchez posted:We've been using freepbx on a hosted VM for years, runs like clockwork unless our local ISP is having issues. Phones are all polycom 335 or random aastra models, I'd reccomend the polycoms. All access to it is over VPN tunnel or whitelisted static IP, leaving asterisk open to the internet seems to lead to enough hack/abuse attempts to peg the CPU on the VM. Yep same here, FreePBX + Polycom Soundpoint IP 331's with an IPSec tunnel to our office and VPNs for remote workers. never had an issue and it's really easy to manage. Would recommend
|
|
#
?
May 1, 2015 01:32
|
|
|
theperminator posted:Yep same here, FreePBX + Polycom Soundpoint IP 331's with an IPSec tunnel to our office and VPNs for remote workers. never had an issue and it's really easy to manage. Just don't use the 331's in conference rooms, the speakerphone & mic is dogshit. The IP 6000's work great for conference rooms though (I would hope so for a loving $500 phone)
|
|
#
?
May 1, 2015 09:58
|
|
|
Ur Getting Fatter posted:One thing I've never quite understood, is forwarding ports 5060-5070 necessary for the PBX to establish a connection to the SIP provider? I have multiple connections to multiple providers, all of them originate from me and are simply natted out my firewalls.
|
|
#
?
May 2, 2015 02:19
|
|
|
Hello all, I'm just coming up on 10 years working for a hosted VoIP provider. First five years on Broadworks, last five on Asterisk, and we're currently testing Freeswitch. Glad to answer any questions I can.Ur Getting Fatter posted:Would running Asterisk on a VM be feasible for this or am I going to want to claw my eyes out trying to configure it? sanchez posted:leaving asterisk open to the internet seems to lead to enough hack/abuse attempts to peg the CPU on the VM. Ur Getting Fatter posted:One thing I've never quite understood, is forwarding ports 5060-5070 necessary for the PBX to establish a connection to the SIP provider? fletcher posted:Just don't use the 331's in conference rooms, the speakerphone & mic is dogshit. The IP 6000's work great for conference rooms though (I would hope so for a loving $500 phone) wolrah fucked around with this message at 21:19 on May 3, 2015 |
|
#
?
May 3, 2015 21:11
|
|
|
wolrah posted:Hello all, I'm just coming up on 10 years working for a hosted VoIP provider. First five years on Broadworks, last five on Asterisk, and we're currently testing Freeswitch. Glad to answer any questions I can. Out of sheer curiosity, do most VoIP providers for their own service purchase SIP trunking from a larger VoIP provider\telco? Or do they have like PRIs attached to their own SIP gateways and interface with the PSTN in-house like that?
|
|
#
?
May 5, 2015 03:39
|
|
|
wolrah posted:Timing can be an issue when passing media through Asterisk (most normal configurations) in fully virtualized environments. It's not as big of a deal now with hardware virtualization support in everything, but it's still a potential concern depending on your platform. Container-based systems on the other hand work pretty well, I have a few instances of Asterisk on OpenVZ and have never had problems caused by it. Thanks for the answer! What do you mean by "container-based systems"?
|
|
#
?
May 5, 2015 04:42
|
|
|
SSH IT ZOMBIE posted:Out of sheer curiosity, do most VoIP providers for their own service purchase SIP trunking from a larger VoIP provider\telco? Or do they have like PRIs attached to their own SIP gateways and interface with the PSTN in-house like that? It varies. I don't know how large the average provider is so I can't really speak to "most", but here's my personal experience. We started as a wholesale provider where we bought the service and softswitch space from the same provider, basically doing sales and tier 1-2 support on our end. Now we run our own softswitches but we're not large enough to justify dealing with the big telcos so we get our dialtone from a variety of middle-man providers who then connect us to the big names. It's SIP the whole way to the PSTN in most cases. If it's going to another VoIP system there's a reasonable chance it never touches the PSTN, lots of providers are interconnected in various ways. If the ones you're connected to are cooperative you can do some neat things you can't do on the PSTN, like wideband codecs or even video. Ur Getting Fatter posted:Thanks for the answer! What do you mean by "container-based systems"? LXC, OpenVZ (Virtuozzo), and the like which don't actually virtualize an entire computer but instead provide what's effectively another instance of the host OS running as a user process in the host. It's less isolated, but a lot lighter weight as well so it's really nice if you need a lot of mostly identical virtual environments. The big catch here is that you don't get any choice in kernels, whatever the host runs is what you run. This means that a Linux host can't run any guests other than Linux for example, though you can get most distros going as long as they don't depend on specific kernels. Lots of things that relate to hardware will also be unchangeable, even to your "root" user, for example the system clock comes to mind. wolrah fucked around with this message at 05:10 on May 5, 2015 |
|
#
?
May 5, 2015 05:02
|
|
|
This is probably as close to a job-related thread as I'll find, so Major US Wireless Carrier Switch Tech checking in. Ask me about MME, MGW, DACS, RNC, BSC, BTS, LSM, MML, SS7, DIAMETER, T1-OC999999, and how much I hate Reflection as a terminal emulator.
|
|
#
?
May 6, 2015 03:34
|
|
|
Is there any down side to disabling http and allowing only https on my Cisco 79xx phone in a cucm environment?
|
|
#
?
May 6, 2015 03:41
|
|
|
SSH IT ZOMBIE posted:Out of sheer curiosity, do most VoIP providers for their own service purchase SIP trunking from a larger VoIP provider\telco? Or do they have like PRIs attached to their own SIP gateways and interface with the PSTN in-house like that? Smart ones will unbundle their inbound/DID purchase from their termination purchase. Having several carriers for termination and a rudimentary LCR will save money at fairly small traffic volumes. I've built a CLEC and an ITSP, been in the industry for almost 10 years now. So I can handle questions about the facilities based carrier side of things as well as the SIP trunking provider side of things. I'd imagine this is a long shot, but has anyone used Intelequent (fka Neutral Tandem)'s access tandem service? I'm going out there Thursday for a dog and pony show and we may home some of our LRNs behind them instead of the ILECs. SIP handoff for access tandem service is so attractive. FatCow fucked around with this message at 04:27 on May 6, 2015 |
|
#
?
May 6, 2015 04:25
|
|
|
I am a Lync 2013 server administrator for a medium sized company with full enterprise voice and external SIP trunking for our PSTN needs. I dont really touch the SIP side all that much but can be helpful with any questions regarding Lync administration/troubleshooting and/or delicious powershelling.
|
|
#
?
May 6, 2015 14:31
|
|
|
Bohemian Cowabunga posted:I am a Lync 2013 server administrator How much do you drink per day?
|
|
#
?
May 6, 2015 14:33
|
|
|
SIR FAT JONY IVES posted:How much do you drink per day? Dont mention the war 
|
|
#
?
May 6, 2015 14:48
|
|
|
Bohemian Cowabunga posted:Dont mention the war One of my absolute favorite IT stories is from when I was in an airport shuttle from the airport in Seattle. A guy gets on the shuttle and stands next to me, he's wearing an OCS shirt. I ask him if he worked for Microsoft, and if he was a developer for Lync, he says he used to be, but when HP decided to use Lync MS just sort of gave him to them, so now all he does is manage HP's Lync installation, but he used to be a developer for the platform. He asked if I was a Lync admin, I mentioned that I was working on a big roll out with a customer now. He looked me in the eyes, and said "I'm really sorry, I really am." Then we both looked down at our feet in silence until the bus stop.
|
|
#
?
May 6, 2015 14:54
|
|
|
Hahaha, yeah that says alot. Wanna simultaneously slap the guy and buy him a beer. Heres to them fixing major bugs and annoying quirks that have been present in the product for years in ~~ Skype For Business ~~ they wont
|
|
#
?
May 6, 2015 15:01
|
|
|
FatCow posted:Smart ones will unbundle their inbound/DID purchase from their termination purchase. Having several carriers for termination and a rudimentary LCR will save money at fairly small traffic volumes. Very true. When we were on the platform where we had to buy the service from the host we got absolutely  on outbound. At the start it was all Level3 in and out so we justified it to ourselves as being expensive but good, then the host decided they wanted to sell to Comcast and started doing LCR to anyone who'd sell them termination to boost their profit margins at a massive impact to service quality. They did reinvites and had us talking directly to the termination provider so it made it pretty easy to see what was happening and start making plans to GTFO.Related tip: Never let a service provider find out you're leaving until you're ready to move. Getting a letter on Wednesday that says your service will cease on Friday and having to move 1500 extensions across 100 or so customers in 48 hours is an insane experience. The entire company should have been sponsored by Five Hour Energy for the next week, we went through enough of it.
|
|
#
?
May 6, 2015 15:02
|
|
|
Bohemian Cowabunga posted:Hahaha, yeah that says alot. Wanna simultaneously slap the guy and buy him a beer. My experience with Lync was really bad, since I had a customer, maybe 100 users, tell me they want to deploy Lync 2010. I had never done that before, but I told my boss (I was a consultant) and he said "good, just figure it out and charge them per hour." I asked if we could farm it out and I was told no. So I got a bunch of books on Lync, and spent a week reading them and setting up some VMs to learn it. The worst part was that I kept finding out you need to buy more things to get more functions. You need Lync, then a Lync Front End Server, then a TMG server, etc. It was bad because I kept having to tell my manager, and then the customer, that we needed to buy more licenses and servers (they refused to virtualize anything). They were getting increasingly upset at me (both my manager and the customer) since I was sinking so much time and money into it. But I knew nothing about it, so what else was I supposed to do? Finally I had it 90% working, except the mobile client, and I begged my manager to let me hire out and get a couple hours with someone that could help. He agreed, and eventually I got a guy to remote in and check it out. Turns out my SSL Cert was incorrect, fixed that, and it all worked fine. Then I got it working with Asterisk, which was also a nightmare. EDIT: My advice for anyone working with Asterisk and SIP: Learn to use Wireshark, and learn to read a SIP trace. Figure out how to do tcpdump on your server and just snatch a few minutes of calls and decode it. Get really familiar with what a good SIP session looks like. And then do weird things, like hang up one end, while leaving the other end up, be silent on a call for a minute, dropping a call from the console, unplugging a phone in the middle of a call, etc, and see what it does. My biggest problem in the world of Asterisk is providers that don't know how to troubleshoot their SIP trunks, because their people don't get what SIP packets look like and should do. If I have calls drop after a minute, and I clearly see your server send me a GOODBYE, then clearly something is odd on your end. When users complain about "calls sounding bad", which they will, learn to calmly and politely ask them to explain specifically what happened. Echo? Feedback? Static? Did you both hear it, or just one side? Was the all inbound/outbound? What DID specifically did the caller dial to get in, what did you dial out? For users that were really problematic, but I couldn't figure out what the problem was, I would get them a little notebook and leave it next to their phone and ask them to write down as soon as there was a problem, all the details, so I could get a really good handle on it. Next is to learn how to handle carriers. I was forever calling Broadview or Paetec about a PRI having issues, and they'd say "oh, it looks fine from here." So I'd unplug the cable from the smart jack or power off the IAD and say "does it look good now?" and if they said "sure, I don't see any change," I'd immediately ask for their manager since there's no way you are doing anything. This guaranteed me results. Also keep detailed call records of problem calls, since most carriers can only access the last 24 hours of call records to see what happened. If we are in a anecdote mood, I have several stories about crazy clients with VOIP problems making me want to kill myself. One that comes to mind is after a roll out of Aastra 57i's to a client, a guy called in complaining his phone wouldn't stop ringing. He had called on his cell phone so I could hear it. Sure enough his phone is just ringing over and over. But the volume is modulating, quiet, loud, quiet, loud. He's furious. I'm stumped, but I ask him "sorry, but this is a stupid question but are you just hitting the volume up and down keys over and over? And he says "YES THATS THE PROBLEM WHEN I HIT THEM THE PHONE RINGS" He's furious, so I tell him those are volume keys, so stop pressing them and it will stop ringing. He does, it gets quiet, and he's says "that's nonsense" and hangs up. Super-NintendoUser fucked around with this message at 15:31 on May 6, 2015 |
|
#
?
May 6, 2015 15:07
|
|
|
SIR FAT JONY IVES posted:EDIT: This is a very good post. SIP is a largely plaintext protocol like HTTP (in fact if you're familiar with HTTP you'll feel right at home with authentication and response codes) so it's pretty close to human readable as-is, but Wireshark's decoders make quick work of the rest and let you easily filter down to what you're looking for. It's also quite true that the providers are often useless to solve their own problems unless you're prepared to provide captures and occasionally back them up with RFCs to prove they're doing it wrong. quote:One that comes to mind is after a roll out of Aastra 57i's to a client, a guy called in complaining his phone wouldn't stop ringing. He had called on his cell phone so I could hear it. Sure enough his phone is just ringing over and over. But the volume is modulating, quiet, loud, quiet, loud. He's furious. I'm stumped, but I ask him "sorry, but this is a stupid question but are you just hitting the volume up and down keys over and over? I have had literally the same conversation with people before. How they never manage to put two and two together is mind-boggling.
|
|
#
?
May 6, 2015 15:54
|
|
|
I'm going to have to help oversee a VOIP rollout for my current company of about 200 users in our central office and another 200 scattered all over the country. I have little to no telephony experience besides being on the periphery of a Lync 2013 rollout that did not go smoothly at all. So far I'm trying to just figure out precisely what the company needs and wants, how many concurrent calls we would plan to have at peak, and building in redundancy. Redundancy more than anything is important to this company. The POTS system we have has been rock solid but is old and out of support. We cant get new parts for it so it's definitely time to move on.
|
|
#
?
May 6, 2015 17:33
|
|
|
SIR FAT JONY IVES posted:If we are in a anecdote mood, I have several stories about crazy clients with VOIP problems making me want to kill myself. Please do.
|
|
#
?
May 6, 2015 23:00
|
|
|
Can anyone recommend a decent UK Broadcloud reseller aimed at SMB clients? I want to use Polycom VVX handsets and for some insane reason this company of like 30 people wants hot desking to work 
|
|
#
?
May 7, 2015 00:24
|
|
|
At work they are trying out a new conference room setup with zoom.us, an iPad, and a Logitech cc3000e. It seems pretty slick so far, the audio on the Logitech sounds great.
|
|
#
?
May 7, 2015 02:26
|
|
|
I spent several years working with ShoreTel (and have whatever their certs are) if anyone has any questions. I am sorry to say that I am the guy that just stripped the heads off of spare CAT5 cables and punched them down in your demarc instead of getting actual phone wire.
|
|
#
?
May 7, 2015 02:40
|
|
|
fletcher posted:At work they are trying out a new conference room setup with zoom.us, an iPad, and a Logitech cc3000e. It seems pretty slick so far, the audio on the Logitech sounds great. In a discussion about this in another thread the Lifesize Icon Flex was mentioned, which looks like a decent step up from the Logitech but keeping a non-insane price point.
|
|
#
?
May 7, 2015 02:45
|
|
|
So is there any way to have a secure SIP communication or is SIP inherently weak? If not SIP, what's the closes thing to a secure protocol for voice comms?
|
|
#
?
May 7, 2015 05:28
|
|
|
madsushi posted:I am sorry to say that I am the guy that just stripped the heads off of spare CAT5 cables and punched them down in your demarc instead of getting actual phone wire. Wait, is there something wrong with that? I always figured Cat5 is basically high quality phone cable when used like that. Ur Getting Fatter posted:So is there any way to have a secure SIP communication or is SIP inherently weak? What kind of threats are you concerned about? SIP certainly isn't inherently insecure, but it is really easy to configure some SIP devices to operate in insecure ways.
|
|
#
?
May 7, 2015 05:33
|
|
|
Ur Getting Fatter posted:So is there any way to have a secure SIP communication or is SIP inherently weak? SIP can be sent over TLS. If the SIP is encrypted the RTP can be encrypted as well. Keep in mind nothing is encrypted once you get past the customer/provider relationship. All carriers hand off plaintext to each other.
|
|
#
?
May 7, 2015 09:48
|
|
|
wolrah posted:Wait, is there something wrong with that? I always figured Cat5 is basically high quality phone cable when used like that. I don't know, I imagine that there's three possible attack vectors: 1) Malware at a Router/PBX level. Nothing you can do about this, if you're infected and something is scanning your packets before they leave your network then you're hosed short of tunnelling all your traffic per-device via a VPN. 2) Someone is intercepting your traffic after it leaves your network but before it gets to your provider. Like at the DSLAM, for example. 3) Someone is intercepting your traffic at the VOIP provider, maybe even the VOIP provider itself. Scenario 1) comes down to how secure your own network is, so I'm interested if there's any way to protect yourself against scenarios 2) and 3). Edit: this sounds like I'm worried the NSA is spying me or something. I'm not (or, more accurately, I have no doubts that if the NSA wanted to listen in on my conversations they could), I'm just curious about this at a theoretical level. dpkg chopra fucked around with this message at 17:44 on May 7, 2015 |
|
#
?
May 7, 2015 17:42
|
|
|
Your #1 and #2 concerns can be mitigated by using standard encryption technologies. SIP over TLS plus Secure RTP will get you encryption from any modern endpoint to any modern PBX. #3, there's nothing you can do there except trust your provider or run your own. Wherever you interface with the PSTN is going to be in the clear no matter what, but if you're running your own box(es) you can do secure direct SIP links to anyone else you feel the need to have protected conversations with.
|
|
#
?
May 7, 2015 19:04
|
|
|
One of the biggest insecurities of SIP is just a pretty simple brute force attack. Essentially, when a malicious SIP attack happens, the attacker first brute forces extension numbers, so he starts at 100, then 101, 102, etc. Most SIP servers will respond "invalid extension" for ones that don't exist, but then when they hit a valid extension, the SIP server responds "Ok, whats the password word?" Then they know they have a valid username, and can brute force the extension password. You can configure the server to respond "invalid extension" or not respond at all to an invalid extension, if they don't have the right password in the initial AUTH that way the attacker never gets through step 1 of brute forcing a valid username HOWEVER All this is mitigated if you install FAIL2BAN. If you don't have that on your Asterisk box DO IT NOW. This daemon will troll log files of everything, not just SIP, for failed authentications. You point it to a log file, tell it what the failures look like in the log, and then it will count the occurrences of that string, and if it hits a threshold, usually five or six, it'll automatically add a IPTables rule to block that IP Address. Go, install it now, I'll wait. The law is written in such a way that the end user, not the Telco that gives them the SIP service, is responsible for their security. So if someone hacks your box (which will be attempted) and makes a million international calls outbound, YOU are responsible for the charges. So secure your system.
|
|
#
?
May 7, 2015 19:14
|
|
|
We are talking with a software house that might develop some application that you can call into and punch some numbers. VoiceXML was mentioned, anyone that have experience with that?
|
|
#
?
May 7, 2015 19:32
|
|
|
SIR FAT JONY IVES posted:All this is mitigated if you install FAIL2BAN. If you don't have that on your Asterisk box DO IT NOW. Can't repeat this enough. Just looking at one of my servers Fail2Ban has blocked over 3000 different attacks today. It's like having bullet-proof glass in that it won't stop everything but it'll stop a lot. Something that can reduce this significantly is moving your SIP port off of 5060. This is sort of "security through obscurity" but in the case of bulk scanners obscurity often works. If you're doing config file based provisioning rather than manually programming phones it's no extra work for anyone and only the shittiest of endpoints will have problems with it. Another potential vulnerability (which is in no way specific to VoIP but can scale a lot larger a lot easier in a VoIP environment) can occur if your system allows users to forward their calls from voicemail. A user with a DID and international calling privileges + a weak password + no per-user call limit = hope you like paying for calls to Derpistan. We had a few big ones like that when we were on Broadsoft, but when we changed to Asterisk we realized there were only a half dozen or so legitimate users of that feature so we just told them it was no longer available. edit: Also a lot of SIP servers support randomly auto-generating passwords that are usually long hex strings. If your platform can do this, use it. Fail2Ban might not get a chance to do its job if you have a common extension (as noted the scanners often start at 1000) and the password is weak. Alphanumeric "extensions" also help, but these are not commonly used since direct SIP calling has never caught on and they end up having to map to a number for most people to use anyways. wolrah fucked around with this message at 20:22 on May 7, 2015 |
|
#
?
May 7, 2015 20:17
|
|
|
Bohemian Cowabunga posted:We are talking with a software house that might develop some application that you can call into and punch some numbers. Asterisk is what most people would use. I've configured a lot of asterisk systems people can call into and punch numbers. It can do pretty much anything you'd ever way. This is a double edged sword, since it does EVERYTHING, so it's hard to define exactly what you want.
|
|
#
?
May 7, 2015 20:44
|
|
|
wolrah posted:edit: Also a lot of SIP servers support randomly auto-generating passwords that are usually long hex strings. If your platform can do this, use it. Fail2Ban might not get a chance to do its job if you have a common extension (as noted the scanners often start at 1000) and the password is weak. Alphanumeric "extensions" also help, but these are not commonly used since direct SIP calling has never caught on and they end up having to map to a number for most people to use anyways. Wait, so PASSWORD=extension isn't a good idea? What if the extension is a three digit number. That's 999 possible options. How can a computer possible hack that?
|
|
#
?
May 7, 2015 20:51
|
|
|
|
| # ? Apr 19, 2024 23:02 |
|
|
Oh, hey, an IPT thread. I should finish my CCNP Voice/CCNP Collaboration this week, and have been working with CUCM for almost 8 years now. Asterisk has interested me for a while, just never had any opportunity to mess with it.
|
|
#
?
May 26, 2015 06:30
|
|
