[App_rpt-users] SIP VoIP for Asterisk
Bill South
wbs099 at yahoo.com
Thu Sep 5 20:39:11 UTC 2013
While this thread is not part of what I originally asked about (SIP provider recommendations) I'll add that 911 access is mandated in some LATAs, but seems to be some debate if it must be 911 or if 9-911 is OK, or other variations. I worked in the telecom business for over 25 years in various parts of the USA and different localities would respond differently to the question about 911. When E911 first came out, where a database lookup was done by the local police emeregency agency systems answering 911 calls showing names and addresses, some jurisdictions mandated that database had to show the exact location the call was originating from, not a billing address of some companies headquarters. Big problem for some large companies where a single billing address is used for all telco circuits. For residences I'm not sure anyone has put much thought into laws regarding 911 dialing and any restrictions thereof; businesses on the other hand, where
100's maybe thousands of workers are in the same building and floor and locating a 911 caller could be pretty tough for local emnergency responders, there are, or were anyway, laws in some locations mandating 911 unrestricted. The thought has always been though that in an emergency people have the expectation, whether at home or work, that they can dial 911 and get help; not sure where the laws stands now on that across the USA.
--------------------------------------------
On Thu, 9/5/13, Dwaine Garden VE3GIF <DwaineGarden at rogers.com> wrote:
Subject: Re: [App_rpt-users] SIP VoIP for Asterisk
To: "Jim Duuuude" <telesistant at hotmail.com>
Cc: "app_rpt mailing list" <app_rpt-users at ohnosec.org>
Date: Thursday, September 5, 2013, 7:40 PM
Canadian customers have to provide an
address and name for 911 purposes for a DID. Bell and
Rogers were mandated with their VoIP services.
I gave them the logs of the server where the IP address were
listed. Rogers was good and moved me to a new IP address
and filtered out the source.
I had an iptables script that would ban IP address that
attempted a certain number of connections during a certain
amount of time. Then ban that IP address. It worked great.
It stopped the hackers script dead cold. Until they ran
the 911 script. They were ruthless in their attacks.
My all-star node was the best fun I have had with Ham radio.
I'll fire it back up again. Just waiting for the dust
to settle without a DID setup.
Dwaine
Jim Duuuude <telesistant at hotmail.com> wrote:
Double BRAVO-SIERRA!!
If that were true, a LOT of large business owners (some of
which may even operate
large businesses :-) ) would be in jail, if they HAPPEN to
have a phone system or even
worse, service from the "phone company", that
requires dialing 9 to get an "outside line".
I bet even the police dept has to dial 9 to dial 911.
And as far as that goes, put the line in your pet
tarantula's name, and make it clear to them
that the spider is more then willing to 'serve its
time' for such a terrible transgressions!! :-)
Wholesale outbound telecom services, such as ones provided
by most SIP providers, are *NOT*
"in your name", *NOR* do they even technically
have a "phone number" or a "service
address".
Just because you pay the bill for them does not, in any
manner, construe that you are the end user
of the service.
Jim
Date: Thu, 5 Sep
2013 14:58:42 -0400
Subject: RE: [App_rpt-users] SIP VoIP for Asterisk
From: DwaineGarden at rogers.com
To: telesistant at hotmail.com
CC: dshaw at ke6upi.com; app_rpt-users at ohnosec.org
It was an interesting experience. Has anyone else
experienced the same problem and had the police involved?
I did mention that I would change the
Dial string. The police told me that a person has to be
able to dial 911 and get emergency services.
I gave up and just walked over to the all-star computer and
hit the power button. Sadly, it has been off ever since.
If I had changed the 911 Dial string before the incident.
The police would of not gotten involved. Never known about
the situation.
Just let everyone know. The two police officers were very
good about it. They told me that its happening a lot and
911 is getting a little upset about it.
I told them they should go after the person responsible.
They told me that's you. The line is in your name.
Anyway, just wanted to throw out there my experience.
Dwaine
Jim Duuuude <telesistant at hotmail.com> wrote:
Okay (and yes, that is STUPID and most likely
WRONG, but most police depts are
just completely ignorant of telecom issues). So, fine...
GIVE them access to 911.
Let them dial it. But, sadly, on YOUR phone network, the
dialing string is just a LITTLE
bit longer (like about 30 digits in front of the 911)... get
it?
Jim
Date: Thu, 5 Sep
2013 14:07:58 -0400
From: DwaineGarden at rogers.com
To: dshaw at ke6upi.com
CC: app_rpt-users at ohnosec.org
Subject: Re: [App_rpt-users] SIP VoIP for Asterisk
The problem is you are not allowed by law to have a phone
without unrestricted access to 911. I had Metro Toronto
police at my door explaining that even if I block 911 to any
outside connections I would be breaking the law. If you
have a server on the internet with sip. They have to able
to connect to be able to call 911.
I told the police it was retard. They told me that was fine
they will charge me.
Police told me that even if someone breaks into your house.
If there is a phone install, the criminals better have
access to dial 911 unrestrictive.
The hackers did not get into the box. They were trying for
months. Got pissed off and changed their script to dial
911 constantly. SIP and DID see a 911 call. It dials it.
No questions asked. No login or nothing.
The Police told me it was a huge problem. SIP or DID are
setup like a public pay phone. Full access to 911.
It was an eye opener for me. You learn something new
everyday. If I see someone asking about SIP or DID. I let
them know about my experience.
David KE6UPI <dshaw at ke6upi.com> wrote:
I'm sorry Dwaine what are you
talking about? Sorry If I don't understand what your
talking about.
I have both a public Asterisk server and a local
Asterisk server. I have never had anyone connect and make a
call that was not authenticated user.. Yes they try and
fail2ban will block them. There are many way to stop
unwanted hackers on your server.
As for dialing 911 just make a dial plain to route to space
if you want.
Google "Asterisk Security"
http://www.voip-info.org/wiki/view/Asterisk+security
David
On Thu, Sep 5, 2013
at 9:13 AM, Dwaine Garden VE3GIF <DwaineGarden at rogers.com>
wrote:
It
works great until the hacks find the machine. They
port scan non stop. Its especially fun when their
scripts dial 911 constantly. There is no way to turn
off dialing 911 for SIP.
Bill South <wbs099 at yahoo.com>
wrote:
> I'm thinking of adding some type of
SIP trunking or other VoIP service provider to my ACID
Asterisk system to support in/out bound calling.
I've read some emails on the app_rpt reflector
with names of providers mentioned, but I am looking for
recommendations, as there are zillions of VoIP providers out
there. This is going to be used very sparingly so
least-cost is a good thing, but good reliability and no
bombardment with email adds by the provider is desired too.
I can easily get by with a single number, but may want
to add additional DIDs later. Thoughts?
>
>Bill
>
>
>_______________________________________________
>App_rpt-users mailing list
>App_rpt-users at ohnosec.org
>http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users
_______________________________________________
App_rpt-users mailing list
App_rpt-users at ohnosec.org
http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users
_______________________________________________
App_rpt-users mailing list
App_rpt-users at ohnosec.org
http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users
-----Inline Attachment Follows-----
_______________________________________________
App_rpt-users mailing list
App_rpt-users at ohnosec.org
http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users
More information about the App_rpt-users
mailing list